3Com Launches Revolutionary Vulnerability Discovery Program, Setting the Clock Back on Zero Day Attacks; Security Research Used to Ensure the Most Rapid and Efficient Protection Against Emerging Threats.MALBOROUGH, Mass. -- 3Com and its TippingPoint division today announced the formation of the Zero Day Initiative (ZDI ZDI Zero Day Initiative (3Com/Tippingpoint) ), aimed at ensuring the responsible disclosure of security flaws, also known as vulnerabilities, in order to make technology more secure for users. The goal of the zero day initiative is to proactively protect businesses as soon as possible against newly discovered vulnerabilities. As part of the program, 3Com will reward security researchers who responsibly reveal information on newly discovered vulnerabilities, as opposed to publicly posting the potentially harmful information, catching businesses and vendors off-guard and unprotected. 3Com will notify affected vendors of security flaws so they can immediately begin working on a solution, most often in the form of a patch. The vulnerabilities will only be disclosed publicly by 3Com once the affected vendor is able to offer a solution to end users, mitigating mit·i·gate v. mit·i·gat·ed, mit·i·gat·ing, mit·i·gates v.tr. To moderate (a quality or condition) in force or intensity; alleviate. See Synonyms at relieve. v.intr. To become milder. the threat. 3Com will also use the information to provide preemptive pre·emp·tive or pre-emp·tive adj. 1. Of, relating to, or characteristic of preemption. 2. Having or granted by the right of preemption. 3. a. protection to customers through its TippingPoint Digital Vaccine(R) service. Additionally, 3Com plans to share vulnerability details freely with other security vendors prior to public disclosure. "Through this program, we seek to ensure that newly discovered vulnerabilities are managed, disclosed and remediated responsibly, so they don't pose a threat to businesses," said 3Com Chief Technology Officer Marc Willebeek-LeMair. "The sooner we have information about a vulnerability, the sooner we can deliver protection to our customers. Ultimately, this benefits everyone: security and technology vendors, security researchers, end users, as well as 3Com and its TippingPoint division customers." Vulnerabilities enable attackers to gain control of a system for malicious Involving malice; characterized by wicked or mischievous motives or intentions. An act done maliciously is one that is wrongful and performed willfully or intentionally, and without legal justification. DESERTION, MALICIOUS. purposes. They can also result in worms Worms (vôrms), city (1994 pop. 79,155), Rhineland-Palatinate, SW Germany, on the Rhine River. It is an industrial city and a leading wine trade center. or Denial of Service attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. , which can bring down entire networks. Zero day disclosure occurs when the discoverer of the vulnerability discloses the flaw to the public without notifying no·ti·fy tr.v. no·ti·fied, no·ti·fy·ing, no·ti·fies 1. To give notice to; inform: notified the citizens of the curfew by posting signs. 2. the vendor, putting businesses at risk from the time of disclosure until the affected vendor issues a patch. It can take vendors weeks or months to supply a patch. Intrusion Prevention See IPS and IDS. Systems (IPS (1) (Inches Per Second) The measurement of the speed of tape passing by a read/write head or paper passing through a pen plotter. (2) (IPS) (Intrusion Prevention S ), like TippingPoint's, are one of the few methods of proactive protection. In addition to reducing industry-wide security risks, obtaining advanced information on vulnerabilities enables 3Com to offer its TippingPoint(TM) IPS customers even more preemptive protection than currently provided through the TippingPoint Digital Vaccine update service. "Our world-class security research team is already on the forefront of the industry, well ahead of the game when it comes to providing advanced vulnerability protection," said David Endler, Director of Security Research for 3Com's TippingPoint division. "This program will extend our research organization even further, and enable us to tap some of the brilliant minds in the global security research community. Prior to the availability of a vendor-supplied solution or patch, our customers will be protected against threats they aren't even aware of through our Digital Vaccine service." Many security researchers want to be recognized for their discovery, but they don't always achieve that in a responsible manner. With this program, the researcher is recognized for the discovery when the vulnerability is publicly disclosed with the vendor's patch. "3Com's initiative is a positive step for the industry," said In-Stat Research Analyst Victoria Fodale. "Viruses or worms that take advantage of vulnerabilities that vendors are not yet aware of can be devastating dev·as·tate tr.v. dev·as·tat·ed, dev·as·tat·ing, dev·as·tates 1. To lay waste; destroy. 2. To overwhelm; confound; stun: was devastated by the rude remark. to an organization. Both vendors and customers stand to benefit from this program. 3Com and its TippingPoint division are to be commended for taking this leadership position." For more information, please visit www.zerodayinitiative.com. About TippingPoint, a division of 3Com TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems. The TippingPoint IPS is the most decorated dec·o·rate tr.v. dec·o·rat·ed, dec·o·rat·ing, dec·o·rates 1. To furnish, provide, or adorn with something ornamental; embellish. 2. in its industry. For a full list of awards, visit http://www.tippingpoint.com/products_certifications.html. Our innovative approach offers customers unmatched network-based security with unrivaled economics, ultra-high performance, scalability and reliability. TippingPoint is based in Austin, Texas, and can be contacted through its Web site at www.tippingpoint.com or by telephone at 1-888-TRUE-IPS. About 3Com Corporation 3Com Corporation (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : COMS COMS 3Com Corporation (stock symbol) COMS Certified Orientation and Mobility Specialist COMS Continuous Opacity Monitoring Systems COMS City of Manchester Stadium (UK) ) is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world class sales, service and support, which excel at Verb 1. excel at - be good at; "She shines at math" shine at excel, surpass, stand out - distinguish oneself; "She excelled in math" delivering business value for its customers. Through its TippingPoint division, 3Com is the leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection, and performance protection for corporate enterprises, government agencies, service providers and academic institutions. For further information, please visit www.3com.com, or the press site www.3com.com/pressbox. Copyright (C) 2005 3Com Corporation. 3Com, the 3Com logo and Digital Vaccine are registered trademarks and TippingPoint is a trademark of 3Com Corporation or its subsidiaries. All other company and product names may be trademarks of their respective holders. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion