Verizon Business is now offering to help businesses analyze potential security flaws in their business applications.
Verizon says that it decided to start offering an application security program after finding that 79 percent of corporate records were compromised last year through attacks against businesses' application layers. The new program starts by scanning and assessing risks for all company applications and then suggests a series of preventative controls that companies can take to secure their applications. From there, companies have the option of utilizing Verizon's Cybertrust Application Certification program, which the company says "verifies that their information-security controls, policies and procedures meet a stringent set of standards."
[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and newsletter, both from InfoWorld. ]
The application security program is merely a way for companies to assess their application risks and does not offer any security services on its own, says Omar Khawaja, the global services product manager for Verizon Business. The reason for this is that it would be impossible for the company to price its various security services into an application security package, says Khawaja, who explains that all actual security patches are sold separately. Security controls sold separately by the company include application layer firewalls, secure application development training, application log monitoring and DoS defense.
Verizon first reported that hackers were increasingly using vulnerabilities in business applications to compromise corporate records in its 2009 data breach report. That study found that a total of 285 million electronic records were breached last year, which represented more than the total number of records breached in the past four years combined. The reason for the sharp increase is that attacks on financial firms' networks had become more sophisticated and successful, the company said. Although only 17 percent of the attacks studied by Verizon constituted "highly sophisticated" data breaches, these attacks were responsible for 95 percent of all records breached.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive InfoWorld Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
13 Recommendations
