Foundstone Releases SiteDigger to Help Identify Web Site Information Leakage; Free Tool Utilizes Google Search Engine to Pinpoint Potential Exposures.Business Editors/High-Tech Writers MISSION VIEJO Mission Vi·e·jo A community of southern California southeast of Irvine. It is mainly residential. Population: 96,300. , Calif.--(BUSINESS WIRE)--May 27, 2004 Foundstone Inc., experts in strategic security, today announced the availability of SiteDigger(TM), a free tool designed to help identify potential sources of information leakage Information leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties nonetheless. For example, when designing an encrypted instant messaging network, a network engineer without the capacity to crack your on public Web sites. SiteDigger uses Google's indexed search information to quickly pinpoint human error vulnerabilities such as the accidental exposure of confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job" steer, tip, wind, hint, lead including financial records, passwords, and personal information on an organization's Web site. Armed with a profile of their Web site weaknesses, organizations can work to proactively remediate their vulnerabilities, minimizing risk of exploitation. SiteDigger is the first automated tool using Google to help identify information leakage and uses more than 150 unique signatures to quickly and easily identify vulnerabilities in seven categories including: privacy, back-up files, configuration mistakes, remote administrator interface, error messages DOS and Windows error messages are listed individually in this database by the message that is displayed when they occur. See also DOS error messages and Application Error.  , public vulnerabilities, and technology profile. The tool provides signature update functionality and a dynamic graphical user interface graphical user interface (GUI)Computer display format that allows the user to select commands, call up files, start programs, and do other routine tasks by using a mouse to point to pictorial symbols (icons) or lists of menu choices on the screen as opposed to having to which was built using C#, SOAP and Web services (1) Loosely, any online service delivered over the Web. Such usage appears in articles from non-technical sources, but not in IT-oriented publications, because definition #2 below describes the correct use of the term. on the Microsoft.NET framework. SiteDigger will support the OASIS WAS classification scheme for Web security vulnerabilities when it is finalized See finalization. later this month. SiteDigger users can optimize their number of searches per day by using their own Google license key. "The primary goal of most Web sites is to communicate information," commented Mark Curphey, director of consulting for Foundstone and founder of OWASP (Open Web Application Security Project) An organization founded by Mark Curphey in 2001 to help make open source software secure. With member communities around the world, OWASP projects are involved with specific programming languages, functions and . "However, many organizations are innocently sharing more information than they realize via their sites, putting sensitive information at risk. SiteDigger helps organizations proactively find those holes so they can be plugged before any potential damage is done." SiteDigger is one of several free tools that will be made available through Foundstone's newly launched S3i(TM) service line. S3i (Strategic Secure Software Initiative) helps Foundstone clients define, design, develop, deploy and maintain reliable and secure software. By understanding and managing inherent risk and measurably improving the software development life cycle, Foundstone helps its clients reduce development costs and improve performance. To find out more about S3i and to download the free SiteDigger tool and white paper, visit http://www.foundstone.com/s3i. Foundstone's Curphey will also host a Webcast on June 24, 2004 entitled Google Hacking Google hacking is a term that refers to the art of creating complex search engine queries in order to filter through large amounts of search results for information related to computer security. & SiteDigger: How to Stop Giving Critical Info to Hackers. More information and registration can be found at http://www.globalknowledge.com/training/course.asp?pageid=9&courseid= 8658&catid=248&methodid=s&country=United+States&translation=English. Foundstone's Enterprise Risk Solutions(TM) software helps organizations comprehensively discover, inventory, prioritize, and remediate all assets on a global network. The suite provides exceptionally accurate, high-speed vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. of all network assets, intuitive reports and metrics, and a tightly integrated threat correlation module which correlates critical threats with prioritized assets so security and network operations can focus on the assets that matter the most. About Foundstone Foundstone(R) Inc., experts in strategic security, offers a unique combination of software, services, and education to help organizations continuously and measurably protect the most important assets from the most critical threats. Through a strategic approach to security, Foundstone identifies and implements the right balance of technology, people, and process to manage digital risk and leverage security investments more effectively. The company has one of the most dominant security talent pools ever assembled, and has authored twenty books, including the best-seller Hacking Exposed. Foundstone customers include six of the top 11 Fortune companies and many U.S. government agencies. The company is headquartered in Orange County, Calif., and has offices in San Antonio San Antonio (săn ăntō`nēō, əntōn`), city (1990 pop. 935,933), seat of Bexar co., S central Tex., at the source of the San Antonio River; inc. 1837. , New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of , Washington, D.C., and Singapore. For more information about Foundstone, visit www.foundstone.com, or call 877-91-FOUND within the U.S., and 949-297-5600 outside the U.S. Note to Editors: Foundstone, SiteDigger, S3i and Foundstone Enterprise are trademarks of Foundstone Inc. All other companies, brand names or products are trademarks or registered trademarks of their respective companies. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion