Network Computing is part of the Informa Tech Division of Informa PLC

Survivor's Guide to 2007: Security: Page 3 of 9

Later this year we'll review the latest crop of code scanners to see whether they're effective safeguards, or simply provide a false sense of security. For now, your best bet is endpoint protection products that detect and block suspicious runtime activity. It's very difficult to write code to defend against buffer overflows, for example, but developing driver-level systems that watch buffers like hawks and stop overflows is relatively easy. Vendors such as Privacyware, Sana Security and V.i. Laboratories are leading this charge, but McAfee and other antivirus vendors are right there in the thick of it.

Watch for this memory protection technology to find its way into mainstream desktop security products through antivirus and HIPS vendors; the functionality will also be in standalone packages. By year's end, all your nodes should be guarded by tools that protect APIs, watch for buffer overflows and control automated application modification of certain parts of the system registry.

Meanwhile, as traditional SOA security vendors, such as Forum Systems, IBM-DataPower and Reactivity, were off selling broad packages to the enterprise, newcomer Layer 7 Technologies not only invaded their turf, it picked up the Ajax security ball and ran with it. Layer 7 provides Web 2.0-specific security features, such as schema validation, data scrubbing and validation, plus basic DoS protection and schema tightening for the developer's newest darling.