WebCohort secure the 'Enterprise Application Sphere'
Shlomo Kramer, co-founder of Check Point Software, has set up another company. This one is called WebCohort. It provides Web application and database security solutions, to protect enterprise applications from internal and external, known and unknown attacks.
Kramer believes that what he describes as the "Enterprise Application Sphere" (EAS) is the new Achilles Heel of enterprise computing. EAS represents the mission-critical, domain consisting of Web, application, and database servers interconnected by application level protocols, such as HTTP, HTTPS and SQL.
The Enterprise Application Sphere is a significant threat because it is constantly evolving. New and improved applications are being developed and deployed. Corporate databases are extended with new types of information. Users of various roles and privileges are added with new access rights to critical resources. This dynamic nature of the Enterprise Application Sphere makes it a particularly challenging domain to secure.
Kramer's view is that it is a mistake to believe that traditional network security techniques are sufficient to protect the enterprise from attacks directed either at Web applications or databases - for example, SQL injection attacks.
Existing infrastructure security solutions, which are designed to provide network and system security, cannot protect against these new Application Sphere Attacks. WebCohort believe that traditional firewalls are now relegated to simple access control devices. They block everything but HTTP communication, which is required for the operation of Web applications.
This, claims Kramer, makes firewalls inadequate against application-level attacks because Web applications are very rarely designed with security in mind. In fact, their access to virtually all the resources of the EAS, including the organization's most valuable databases, is unmonitored and almost unlimited.
WebCohort have developed SecureSphere. This is a product that works through the use of anomaly detection, event correlation, and application level signature dictionaries. SecureSphere aims to provide Web applications and databases with comprehensive protection against both known and unknown attacks.
In many respects it is like Intrusion Prevention, just another layer up, despite WebCohort's claims that it is a new architecture.
The good point about SecureSphere is that it uses a Sensor-based approach. Sensors can be located at critical points in the network to passively listen to traffic (currently HTTP or SQL) so there is little, if any, performance bottleneck (latency).
It might seem strange that Kramer is putting down firewalls in favour of SecureSphere, especially as he is still a director of Check Point. The point he makes is that firewalls are good at what they do and everyone understands them. The issue is that the threat has moved on. Hackers are now targeting poorly implemented applications and developers are not in a position to understand all the potential vulnerabilities arising from the way they code applications.
It seems that the biggest opportunity for WebCohort lies in the Web services arena. As companies expose their supply chain to the outside world, they need to be sure they have every angle covered. WebCohort is not there yet but it is the direction in which they should be heading.
Copyright 2003. Originally published by IT-Director.com, reprinted with permission. IT-Director.com provides IT decision makers with free daily e-mails containing news analysis, member-only discussion forums, free research, technology spotlights and free on-line consultancy. To register for a free e-mail subscription, click here.
For more information:
- Looking for free research? Browse our comprehensive White Papers section by topic, author or keyword.
- Are you tired of technospeak? The Web Services Advisor column uses plain talk and avoids the hype.
- For insightful opinion and commentary from today's industry leaders, read our Guest Commentary columns.
- Hey Codeheads! Start benefiting from these time-saving XML Developer Tips and .NET Developer Tips.
- Visit our huge Best Web Links for Web Services collection for the freshest editor-selected resources.
- Visit Ask the Experts for answers to your Web services, SOAP, WSDL, XML, .NET, Java and EAI questions.
- Couldn't attend one of our Webcasts? Don't miss out. Visit our archive to watch at your own convenience.
- Choking on the alphabet soup of industry acronyms? Visit our helpful Glossary for the latest lingo.
- Discuss this article, voice your opinion or talk with your peers in the SearchWebServices Discussion Forums.