Infrastructure software provider TIBCO Software Inc (NASDAQ:TIBX) has introduced a new security offering designed to help protect digital infrastructures and critical information systems, the company revealed today.
The TIBCO CyberSecurity Platform can be used to anticipate and help prevent new threats before they jeopardise business operations, TIBCO claims.
It offers increased visibility of events to recognise perpetrators of unauthorised transactions; deeper contextual awareness to detect threats by correlating both activity and status changes; and the ability to learn, adapt and help defend itself with synchronised countermeasures.
The TIBCO CyberSecurity Platform is designed to work with existing solutions that enforce security at lower-level components and it sits on top of these components to assist in providing security at the business level.
Monday, August 22, 2011
Microsoft to pay $250,000 for hot new security defenses
Microsoft is offering more than $250,000 to researchers who develop new security defenses to protect Windows users against attacks that exploit software bugs.
Microsoft's Blue Hat Prize announced on Wednesday at the Black Hat security conference will pay $200,000 for the best “novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities.” The two runners up will receive $50,000 and a MSDN Universal subscription valued at $10,000, respectively.
“The Microsoft BlueHat Prize contest is designed to generate new ideas for defensive approaches to support computer security,” the software maker's announcement stated. “As part of our commitment to a more secure computing experience, we hope to inspire security researchers to develop innovative solutions intended to address serious security threats.”
Microsoft over the years has added an alphabet soup of protections to its software that are designed to mitigate the damage that can be done when hackers discover buffer overflows and other bugs that inevitably afflict any complex piece of code. ASLR, or address space layout randomization; DEP, or data execution prevention; SEHOP, or structured exception handling overwrite protection; and SafeSeh are just some of the examples.
The protections aren't intended to prevent bugs, but rather to prevent attackers from exploiting them to steal data or remotely execute malicious code on vulnerable systems.
“This is the first and largest incentive prize ever offered by Microsoft, and possibly the industry, for defensive computer security technology,” Matt Thomlinson, general manager of Microsoft’s Trustworthy Computing Group, wrote here. “In the age of increased risk of attacks on personal, corporate and government computer systems, Microsoft recognizes the need to encourage and nurture innovation in the area of exploit mitigations.
Wednesday's announcement came a week after Facebook joined Mozilla and Google in paying cash bounties to researchers who privately report security vulnerabilities in their software and services. Microsoft continues to steadfastly refuse to reimburse bug discoverers for the time and expertise they provide in helping stamp out bugs on the Windows platform.
Microsoft's Blue Hat Prize announced on Wednesday at the Black Hat security conference will pay $200,000 for the best “novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities.” The two runners up will receive $50,000 and a MSDN Universal subscription valued at $10,000, respectively.
“The Microsoft BlueHat Prize contest is designed to generate new ideas for defensive approaches to support computer security,” the software maker's announcement stated. “As part of our commitment to a more secure computing experience, we hope to inspire security researchers to develop innovative solutions intended to address serious security threats.”
Microsoft over the years has added an alphabet soup of protections to its software that are designed to mitigate the damage that can be done when hackers discover buffer overflows and other bugs that inevitably afflict any complex piece of code. ASLR, or address space layout randomization; DEP, or data execution prevention; SEHOP, or structured exception handling overwrite protection; and SafeSeh are just some of the examples.
The protections aren't intended to prevent bugs, but rather to prevent attackers from exploiting them to steal data or remotely execute malicious code on vulnerable systems.
“This is the first and largest incentive prize ever offered by Microsoft, and possibly the industry, for defensive computer security technology,” Matt Thomlinson, general manager of Microsoft’s Trustworthy Computing Group, wrote here. “In the age of increased risk of attacks on personal, corporate and government computer systems, Microsoft recognizes the need to encourage and nurture innovation in the area of exploit mitigations.
Wednesday's announcement came a week after Facebook joined Mozilla and Google in paying cash bounties to researchers who privately report security vulnerabilities in their software and services. Microsoft continues to steadfastly refuse to reimburse bug discoverers for the time and expertise they provide in helping stamp out bugs on the Windows platform.
Tuesday, August 9, 2011
China victim of 500,000 cyber-attacks in 2010, says security agency
Chinese computer security agency says almost half of cyber-attacks originated overseas, including nearly 15% from US
China's computer security agency claimed nearly 15% of cyber-attacks on its organisations last year originated in the US. Photograph: Associated Press
China's computer security agency claimed nearly 15% of cyber-attacks on its organisations last year originated in the US. Photograph: Associated Press
China was hit by nearly 500,000 cyber-attacks last year, with almost half originating overseas, according to the country's computer security agency.
The National Computer Network Emergency Response Co-ordination Centre said 14.7% of the attacks came from the US and 8% from India.
The report follows suggestions Beijing might be behind global cyber-attacks over the past five years targeting more than 70 government organisations.
A state newspaper called it "irresponsible" to link China with the hacking incidents reported by the McAfee computer security firm.
China has not officially commented on the report but has in the past denied charges of hacking.
The National Computer Network Emergency Response Co-ordination Centre said 14.7% of the attacks came from the US and 8% from India.
The report follows suggestions Beijing might be behind global cyber-attacks over the past five years targeting more than 70 government organisations.
A state newspaper called it "irresponsible" to link China with the hacking incidents reported by the McAfee computer security firm.
China has not officially commented on the report but has in the past denied charges of hacking.
Subscribe to:
Comments (Atom)