News

Loudcloud boosts security tools

• By John K. Waters
• November 26, 2001

A number of solution providers are scurrying to address the new security concerns. One of the more interesting recent offerings comes from managed services provider, Loudcloud, Inc. The Sunnyvale, CA-based company, once highly touted for a management team that included Netscape founder Mark Andreessen, was founded to provide outsourcing services for the day-to-day management of corporate Internet infrastructures. The now-struggling supplier said it is beefing up the security capabilities of its offering.

In addition to the digital certificate management and access control services offered previously, the company disclosed plans to offer new security capabilities on an outsourcing basis.

The new capabilities include:

• Intrusion Detection Analysis: Said to analyzes the latest scans, probes, and intrusion attempts directed at a company's site, and then provide a detailed report of statistics highlighting the major types and sources of attack. The system is priced at $1,000 or on a subscription basis (with upgrades) for $850 per month.
• Vulnerability Analysis: A stand-alone site-defense evaluation service. Loudcloud security experts identify and analyze weaknesses in the company's site profile and recommend a course of action to address any security exposures. The analysis includes a review of the company's public IP addresses and Web applications. The assessment lists for $1,000 for up to 10 hosts.
• Application Attack Simulation: Models specific threat scenarios, locates vulnerabilities, and validates exploitation possibilities to strengthen defenses at the application level and provide users with a deeper level of analysis. Pricing starts at $10,000.
• Application Code Review: Security experts examine a company's application source code for insecure coding techniques or practices that may allow for vulnerabilities, such as URL tampering and cookie poisoning. Pricing is unavailable.