In the previous articles, we’ve discussed all of the security issues that face a modern enterprise. Security was always something that was a necessary evil, something that we had to do outside the main core business that we worked on. As we’ve moved from the closed walls of the enterprises of the past, into the Cloud and Internet era, we are now seeing security as being an intrinsic part of our business. Data protection, regulations and laws around privacy, as well as reputation of our brand, has brought security out of the shadows and into the mainstream of our business. As the massive impact that this has on our business starts to become clear, we can also see that new approaches to security need to be taken. Approaches that encompass the extended enterprise as our perimeter become ever more fuzzy.
One of the areas that require most focus and one which is a newcomer to the security arena is the idea of having real-time, or ‘live’, insight into security threats. This is what we like to term ‘new gen’ security. Old school security tools were static. Anti-virus software and traditional firewalls were built to deal with known threats. Research has shown that these sorts of tools, although still having a place, do fall short of the mark in terms of modern threats. For example, a report, by security company Imperva, that looked at the effectiveness of anti-virus software, found that 75% of the software took a month or longer to update their definitions. In a world where cybercriminals freely share information on software vulnerabilities and where in 2014 there were 317 million new pieces of malware released, we find ourselves in a situation where we simply cannot rely on static tools. We need to shift our thinking in how to deal with such an overbearing threat. The way forward is with a dynamic methodology, known as “live security insight”.
Live Security Insight
The security threat landscape is fluid. We are finding ourselves in times where we have never been so regulated in terms of security and privacy. The EU data privacy laws are some of the strictest in the world and the EU regularly set funding, such as the Horizon 2020 fund, to look at improving ways that we deal with data security and privacy. Data security and privacy has become a mainstream and vital part of our business world.
An emerging area that has been developed to deal with the fluid nature of security threats and the ever increasing web attack surface is that of a pro-active approach to security through flexible architecture models that can handle known and even future threats. USP Secure Entry Server® 5 has been created with this flexible approach to the mitigation of security threats as a fundamental design goal. It gives your organization insight and practical measures into potential security events, allowing you to harden and maintain system and data integrity. USP SES provides your organization with the tools to make a pro-active stand against security threats.
As we mentioned in our previous article about web attack types, web security is one of the greatest challenges of our time. Any application that has a surface that extends out into a Cloud or online venue is susceptible to a myriad of web based attack vectors. Some of these web attacks, such as Cross Site Scripting (XSS) are seeing a massive increase and White Hat have found that XSS and information leakage are the numbers 1 and 2 of the most prevalent attack types we need to watch out for.
Web threats are dynamic in nature. As new vulnerabilities arise, new malware pops up to exploit them. To have any hope of managing the increasingly sophisticated landscape of web attacks we need to have a set of programmatic eyes working with us to gain insight into this world. USP SES 5 is part of this new generation of security tools that are built to work in a fluid and dynamic security environment.
USP SES acts like a watchdog. It sits watches and waits for any web attacks against your web application. It is an impassable security device and is the eyes and ears of a modern security strategy.
USP SES is part of an extended security awareness that your organization needs to keep it ahead of web threats. It utilizes the security intelligence provided by the Open Web Application Security Project (OWASP) an international group dedicated to improving the security of software as we move into new realms, including the Internet of Things (IoT). USP SES 5 has a full portfolio knowledge of the possible attack vectors, from brute force, through cookie manipulation and even zero-day vulnerability exploits – the most difficult of attack vectors to thwart. Our USP SES architecture covers the gamut of web security requirements across all layers, from front end access, to back end threats.
USP SES would not be so powerful if it didn’t offer usable security. As we mentioned in a previous article, complexity is the enemy of security. Our product has a simple graphical user interface that ensures settings are correctly applied and the monitoring of alerts and events are naturalistic. We even offer pre-set templates to make the process of security administration easy. All of this means that your administrators won’t get caught out by using a difficult to understand interface and so miss important information; security can be usable and we have set that as our design mantra.
Being watchful and having live insight, means that you need to have a real time dashboard which offers up key operational metrics that are easy to understand and interpret. One of our key features is that our real-time insight into your web application and the threats posed to it, can be very easily analysed using our advanced log viewer and improved analytics capabilities based on big data technology. To make version 5 of our SES WAF even more usable, we have integrated with well-known SIEM and monitoring solutions, such as SPLUNK, which mean that you can use software that your staff has already been trained to use.
A Future Based on Live Insight
Everyone knows the old saying that forewarned is forearmed and this is never truer that with today’s web security issues. As the cybercriminals harden their armoury against our web applications, we need to retaliate by being prepared. Preparation needs awareness and it needs to be pro-active and flexible. Live insight into web threats is the only way to mitigate the onslaught of attacks we are seeing. We need to avoid becoming that security statistic, or the news article of the latest major breach. Having vision isn’t just about seeing the future of our company; it’s about seeing the future of security.