Loudcloud boosts security tools
- By John K. Waters
- November 26, 2001
The September terrorist attacks in New York and Washington thrust the subject of network security to the top of virtually every corporate IT agenda. But even before those startling events, a proliferation of automated worms, viruses, and vendor-announced vulnerabilities had IT managers on high alert.
A number of solution providers are scurrying to address the new security concerns. One of the more interesting recent offerings comes from managed services provider, Loudcloud, Inc. The Sunnyvale, CA-based company, once highly touted for a management team that included Netscape founder Mark Andreessen, was founded to provide outsourcing services for the day-to-day management of corporate Internet infrastructures. The now-struggling supplier said it is beefing up the security capabilities of its offering.
In addition to the digital certificate management and access control services offered previously, the company disclosed plans to offer new security capabilities on an outsourcing basis.
The new capabilities include:
- Intrusion Detection Analysis: Said to analyzes the latest scans, probes, and intrusion attempts directed at a company's site, and then provide a detailed report of statistics highlighting the major types and sources of attack. The system is priced at $1,000 or on a subscription basis (with upgrades) for $850 per month.
- Vulnerability Analysis: A stand-alone site-defense evaluation service. Loudcloud security experts identify and analyze weaknesses in the company's site profile and recommend a course of action to address any security exposures. The analysis includes a review of the company's public IP addresses and Web applications. The assessment lists for $1,000 for up to 10 hosts.
- Application Attack Simulation: Models specific threat scenarios, locates vulnerabilities, and validates exploitation possibilities to strengthen defenses at the application level and provide users with a deeper level of analysis. Pricing starts at $10,000.
- Application Code Review: Security experts examine a company's application source code for insecure coding techniques or practices that may allow for vulnerabilities, such as URL tampering and cookie poisoning. Pricing is unavailable.
For more on Security, go to: http://www.adtmag.com/section.asp?section=specialreport
John K. Waters is a freelance writer based in Silicon Valley. He can be reached
at [email protected].