Secure customer support
map
contact
home
bandeau.gauche.jpg
bandeau.droit.2.jpg
 
 SECURITY FEED
 

 

• I really don't want to use Windows anymore
Every week, more and more bits of malware seem to be making their way past commercial anti-virus, firewall anti-virus, and ISP anti-virus software. New patches and downloads abound, and I've still re-imaged 3 computers in the last 2 weeks due to massive infestations. This is to say nothing...

 

• What does the spam ISP shutdown really mean?
It has been over a week since the takedown of an ISP responsible for directing a large portion of Internet's spam. While many groups immediately hailed a massive drop in spam, the true story was more nuanced. Everyone, save the spammers, hates spam, and this story...

 

• Witnesses set for MySpace suicide trial
Well, it's shaping up to be a juicy time at the trial of psycho-mom Lori Drew, the woman whose weirdo obsession with a neighbor girl led to the teen's MySpace-driven suicide. A long list of witnesses are poised to testify, Wired reports, including the parents of...

 

• Microsoft give students the finger, once again
Today, Zack writes a short letter to Microsoft, asking why they keep screwing with his head and changing their plans all the time. by Zack Whittaker

 

• Malware found in Lenovo software package
Computer maker Lenovo is shipping a malware-infected software package to Windows XP users, according to warning from anti-virus researchers at Microsoft. The malicious file was identified by Microsoft as Win32/Meredrop, a Trojan dropper that is used to install and execute multiple malicious executables on an infected computer....

 

• Microsoft-hosted Online security-service for business users due in 2010
Microsoft's just-announced free anti-virus/anti-malware service, codenamed Morro, isn't the only new Microsoft security service in the works. There's a Microsoft-hosted security service for businesses in the pipeline, too, and it's due in 2010, according to a new Microsoft blog posting. by Mary Jo Foley

 

• IT Dojo: Five things you should know about rootkits [video]
Rootkits are a serious threat. Rootkit-based botnets unleash seas of spam, and the most dangerous rootkits allow attackers to steal corporate and individual financial information. In this IT Dojo video, Bill Detwiler covers the following five things you should know about rootkits in order to keep your...

 

• Fake Windows XP activation trojan goes 2.0
Known as Kardphisher and "in the wild" since April, 2007, last week the malware author of this trojan horse mimicking the Windows XP activation interface while collecting the credit card details the end user has submitted, has made significant changes to visual interface and usability of the trojan, consequently improving...

 

• Apple dodges antitrust bullet
A California judge has granted Apple's motion to dismiss Psystar's counterclaims that the company violated antitrust laws by blocking third-parties from selling Mac OS-based systems. by Adrian Kingsley-Hughes

 

• Commercial vendor of spyware under legal fire
Just like every decent marketer out there, vendors of commercial malware tools are very good at positioning their tools. However, their pitches often contradict with themselves in a way that what's promoted as a Remote Administration Tool, has in fact built-in antivirus software evading capabilities, rootkit functionality and tutorials on...

 

• What really happened to the candidates' computers?
Now that two weeks have passed since the end of the presidential campaigns, it is worthwhile to take a look at what I think should have one of the biggest cybercrime stories of the year. As Ryan blogged the day after the election, both the McCain and the Obama...

 

• Microsoft kills Windows Live OneCare and Equipt subscription services
Microsoft is discontinuing its paid Windows Live OneCare subscription security service. Microsoft is touting a new, free security service, codenamed "Morro," and due in the second half of 2009, as OneCare's successor. The Microsoft press release and statements on Morro offer some other interesting tidbits. by Mary Jo Foley

 

• Microsoft kills OneCare, replaces it with freebie 'Morro'
Microsoft today announced plans to kill its Windows Live OneCare PC care and security suite and replace it with a free anti-malware utility. The new product, code-named "Morro," will be designed for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios...

 

• Changing business landscape makes identity and access management key to IT security
To learn more about how enterprises can begin coordinated identity and access management strategies, BriefingsDirect's Dana Gardner spoke with Dan Rueckert, worldwide practice director for security and risk management in HP's Consulting and Integration group; Archie Reed, distinguished technologist in HP's security office in the Enterprise Storage and Server Group,...

 

• OS earns highest-ever gov't security rating. Does that make it "most secure?"
I have to admit that I had never before heard of a certification called EAL6+ High Robustness until the folks at Green Hills Software reached out to tell me that they were about to get it for their operating system, formally called INTEGRITY 178B. EAL6+ High...
 
ICX™

• ICX Concept

The ICX concept is simple, pragmatic and innovative. ICX uses the most advanced technologies for analyzing, classifying and filtering application traffic, and makes them work together with orchestration rules that can be easily adapted by users via a simple graphic interface.
 
ICX correlates the decision making process from multiple technologies, algorithms and data inputs. It benefits from both the accuracy of determinist technology - such as pattern matching -  and from Neural Network behavioural classification. It analyzes both single request and sessions in order to prevent any abnormal application usage. 

• ICX engines

The number and type of engine used and correlated by ICX are not restricted. Bee Ware’s current implementation of ICX combines the following inspection engines:

  • Intrusion & Attack Protection

- Correlated Pattern Matching
- Positive Security model
- Negative Security Model

  • Behaviour analysis

- Neural Network
- Dynamic White List
- Automated Process Detection (APD™)
- Session tracking
- User Authentication Tracking

  • Response modes

- Extraction from the network flow and processing of HTTP queries
- Confirmation or negation of whether a query as a whole is dangerous
- Categorization of the type of the query
- Specification of what constitutes the attack or the potential danger in the query
- On-the-fly modification of flows to and from backend servers and users

 

• ICX Running Mode

The ICX objective is to analyze Web traffic with both accuracy and efficiency. It is thus very important to minimize processing time in order to avoid the introduction of any delay or latency.
Another strong constraint comes from the Session Tracking. To understand user behaviour sequential connections need to be monitored. 

With ICX, traffic analysis is achieved in just 2 phases: Session information extraction and context correlation of traffic characteristics. An immediate report is issued to the application which can then apply the appropriate response measure.

 

• ICX Summary

ICX is the most exhaustive and most accurate Web traffic inspection technology available: it combines the best available algorithms and has been designed to take advantage of any supporting platform. ICX is used by Bee Ware in both Layer 2 and Layer 7 but it could also be integrated on a router in order to filter or reroute Web traffic.
ICX is dedicated on Web traffic but is able to inspect and filter any kind of HTTP traffic, Web, XML, and Web Services.

 
  © Bee Ware - legal notice
French
English