SCOTTSDALE, AZ - Security was on everyone's mind this week at Demo 2004. Sure, the weather was sunny and warm, the drinks flowed like a desert spring, and the golf courses beckoned. But if attendees were tempted to forget the ever-more-sophisticated security threats surfacing seemingly every day, a flood of security product announcements made sure to remind them.
Just like the threats, the new products came in all sizes and flavors, from global warning systems to fraud detectors, offering protection for web services, web applications, instant messaging, incoming and outgoing e-mail, and more. The danger may be increasing, but so is the arsenal of weapons with which to fight back.
Warning! Warning! Danger! Danger!
Forescout Technologies's new Global Early Warning System (GEWS) is designed to aggressively seek out network threats before they have a chance to strike. Instead of waiting for an attack, GEWS is designed to determine find hackers and worms in action in time to block them.
Customers running Forescout around the world form a network of sensors to collect, correlate, and distribute data on the IP addresses, owners, attacks, and timing of threats. This information is used to create real-time maps of malicious activity, and the information is then distributed to GEWS customers' routers, firewalls, and even PCs.
To determine a threat, GEWS senses when an application is asking for information for possibly malicious purposes, feeds it false information as a test, and then traps the application if it tries to use the data for an attack. According to the company, some 97 percent of attacks are preceded by some form of reconnaissance, which could alert GEWS. And although GEWS can't trap every attack, its unique approach removes the possibility of false positives and will catch threats that other systems miss, said Oded Comay, CTO of the San Mateo, Calif. company. Just as important, because the GEWS system tracks behaviors, it's not dependent on constantly updating a massive database of threat signatures.