Breach Security's CTO Ofer Shezaf Leads Web Application Security Consortium (WASC)'s New Web Hacking Incidents Database; New Incident Database Tracks Web Application-Related Security Breaches.CARLSBAD, Calif. -- Mr. Ofer Shezaf, chief technology officer, Breach Security, Inc., and an officer of the Web Application Security Consortium (WASC WASC Western Association of Schools and CollegesWASC West African School Certificate WASC Western Administrative Support Center (NOAA) WASC Western Australia Supreme Court WASC Washington Administrative Service Center ), will lead the new Web Hacking See hack and hacker. Incidents Database project, a new initiative designed to track all reported Web application security breaches. WASC is an international group of security experts and industry leaders that develop, adopt, and advocate best-practice security standards for web application security. WASC maintains a number of projects to generate web application security awareness Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical and, especially, information assets of that organization. , classify threats against web applications, and provide evaluation criteria for web application security solutions. The new Web Hacking Incidents Database (WHID WHID Web Hacking Incidents Database ) project tracks publicly-reported security incidents that can be associated with Web application security vulnerabilities exploited through targeted attacks. The goal of the new project is to provide a tool to raise awareness of Web application security problems and provide information for statistical analysis of Web applications security incidents. In the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. and Europe there are privacy laws that require public reporting of security breaches, however these reports do not indicate how the breach has occurred. The new WHID tracks such security breaches assisting IT managers and business leaders in assessing the threat in insecure in·se·cure adj. 1. Lacking emotional stability; not well-adjusted. 2. Lacking self-confidence; plagued by anxiety. in web applications and better protect their business-critical information assets. Additional information about the new database can be found at the project's web site at http://www.webappsec.org/projects/whid. "Understanding the cause of Web application security incidents is vital to defending websites," said Jeremiah Grossman, founder and CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. , WhiteHat Security and WASC co-founder. "The WHID project enables the community to learn and improve upon our best practice standards." "Web-based attacks are on the rise, and the WHID is an ideal tool to alert IT Managers and the business community of the risks they face unless they take the proper precautions precautions Infectious disease The constellation of activities intended to minimize exposure to an infectious agent; precautions imply that the isolation of an infected Pt is optional, but not mandatory. to protect their Web applications from targeted attacks," said Mr. Shezaf. "Effective solutions for Web application security threats can detect and protect against attacks and secure business-critical Web applications in ways that exceed security from network firewalls and IDS/IPS solutions. The CardSystems incident is known to be the worst ever security breach, but how was it performed and how can one protect from a similar attack? WHID provides answers to these questions." Breach Security's flagship product A primary product of a company, which is typically why the company was founded and/or what made it well known. For example, MS-DOS, Windows and the Microsoft Office suite have been flagship products of Microsoft. CorelDRAW is a flagship product of Corel Corporation. is BreachGate WebDefend, a non-intrusive web application firewall with comprehensive security against all attack techniques against web applications and completely automated application profiling for the lowest possible cost of ownership. WebDefend provides the only web application firewall that does not have to be deployed inline and provides 100% blocking protection. Mr. Shezaf is Breach Security Inc.'s CTO, and is responsible for Breach's security research and products security features and functionality roadmap. He is an officer in the Web Application Security Consortium (WASC), and leads the Open Web Application Security Project (OWASP (Open Web Application Security Project) An organization founded by Mark Curphey in 2001 to help make open source software secure. With member communities around the world, OWASP projects are involved with specific programming languages, functions and ) Israeli Chapter. Prior to joining Breach, Ofer specialized in national information security and consulted to organizations such as the Israeli National Information Security Agency and the Israeli Intelligence Forces. About Breach Security, Inc. Breach Security, Inc. provides next-generation web application security to protect privileged information. Breach, a leader in the emerging market for Intelligent Web Application Security, addresses today's security needs by delivering solutions for enterprises and government agencies alike to comprehensively protect web applications against attack and resolve security challenges such as Identity Theft, Information Leakage Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack your , regulatory compliance, and insecurely coded applications. Breach was founded in 2004 and is headquartered in Carlsbad, California Carlsbad is a coastal resort-town in northern San Diego County, California. According to the state Department of Finance, the city had a total population of 90,271 in 2003. . For more information, visit www.breach.com. About WASC The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon Adj. 1. agreed upon - constituted or contracted by stipulation or agreement; "stipulatory obligations" stipulatory noncontroversial, uncontroversial - not likely to arouse controversy best- practice security standards for the World Wide Web. As an active community, WASC facilitates the exchange ideas and organizes several industry projects. WASC consistently releases technical information, contributed articles, security guidelines, and other useful documentation. Businesses, educational institutions, governments, application developers, security professionals, and software vendors all over the world utilize our materials to assist with the challenges presented by web application security. Membership and participation in WASC related activities is free and open to all. For more information visit: http://www.webappsec.org/ Breach Security, BreachGate WebDefend, BreachMarks, and Exit Control are all trademarks of Breach Security, Inc.; all other company, organization and product names are trademarks of their respective holders. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion