Stratum8 and Aspect Security Deliver Application Security Package to Protect Web Sites from OWASP Top 10 Vulnerabilities.Business Editors/High-Tech Writers SANTA CLARA Santa Clara, city, Cuba Santa Clara (sän`tä klä`rä), city (1994 est. pop. 217,000), capital of Villa Clara prov., central Cuba. , Calif.--(BUSINESS WIRE)--Feb. 3, 2003 Combination of Stratum stratum /stra·tum/ (strat´um) (stra´tum) pl. stra´ta [L.] a layer or lamina. stratum basa´le 8 APS-100 Appliance and Aspect Security Professional Services (job) professional services - A department of a supplier providing consultancy and programming manpower for the supplier's products. Eliminates Web Application Vulnerabilities Stratum8 Networks, the company that secures Web-based systems from application level attacks, and Aspect Security, the web application security specialists, today announced a strategic partnership to deliver a complete security solution that enables enterprises and government agencies to quickly and cost effectively protect their web sites against all application level attacks, including the "Ten Most Critical Web Application Security Vulnerabilities" recently defined by the Open Web Application Security Project (OWASP (Open Web Application Security Project) An organization founded by Mark Curphey in 2001 to help make open source software secure. With member communities around the world, OWASP projects are involved with specific programming languages, functions and ) at www.owasp.org. The Comprehensive Application Protection Package (CAPP) combines the award-winning Stratum8 Application Protection System (APS)-100 with professional vulnerability assessment A Department of Defense, command, or unit-level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. , security policy implementation, and integration services from Aspect Security. The CAPP locks down and protects Web applications from known and undocumented attack methods not detected by network-based firewalls and Intrusion Detection Systems This article is about the computing term. For other uses, see Burglar alarm. An intrusion detection system (IDS) generally detects unwanted manipulations of computer systems, mainly through the Internet. . It is available immediately from Stratum8 and Aspect Security. Overview of CAPP Every web application is different and has a unique set of security requirements. Since dozens of languages, hundreds of frameworks, thousands of libraries, and millions of lines of custom code are commonly used to write web applications, securing them requires a deep understanding of how they work, and powerful protection technology. The CAPP solves this problem by combining Aspect Security's recognized expertise and the industry leading Stratum8 APS-100 to provide total application protection. The package includes a detailed vulnerability assessment, policy analysis, APS installation and configuration, and a summary report detailing how applications are protected against each of the OWASP "Top 10" web application vulnerabilities, as well as all other application level threats. The CAPP consists of: -- Three APS-100 units from Stratum8: Two for use in fail-over configuration for production environments, and one for development purposes -- On-site professional installation and configuration of the APS-100 units -- Identification of web application security policies -- Assessment of web applications against the OWASP Top 10 vulnerabilities -- Configuration of the APS-100 units to strongly enforce intended security policy -- A detailed risk report of web application security with the APS-100s in place, including before and after analysis -- Any additional recommendations for improving application security discovered as part of the vulnerability assessment "We are pleased to be working with Aspect Security, one of the industry's most respected consulting firms Noun 1. consulting firm - a firm of experts providing professional advice to an organization for a fee consulting company business firm, firm, house - the members of a business organization that owns or operates one or more establishments; "he worked for a , to provide an integrated solution that enables government agencies and enterprises to address all their application vulnerabilities including the OWASP Top 10 List," said Bob Walters, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. for Stratum8 Networks. "This partnership provides customers with a holistic solution for making sure they address known vulnerabilities A bug in software that has been identified. It typically refers to bugs that have been used for malicious purposes. For example, bugs in Web server, Web browser and e-mail client software are widely exploited by attackers. and protect their applications against undocumented attack methods." "The CAPP provides more cost-effective application security than the sum of its parts," said Jeff Williams For the poker player, see . For the physician, see . For the astronaut, see . Jeff Williams (born June 6, 1972 in Canberra) is an Australian-born, left-handed pitcher for the Hanshin Tigers baseball team. , CEO of Aspect Security. "Our experts can quickly identify and correct weak security policies and vulnerabilities that expose web applications to attack, and implement a comprehensive solution using Stratum8's powerful APS-100 platform. CAPP provides customers unparalleled protection in a very short period of time." Pricing and Availability The Comprehensive Application Protection Package is available immediately from Stratum8 and Aspect Security for $75,000. It includes three APS-100 units and up to three weeks of consulting services Noun 1. consulting service - service provided by a professional advisor (e.g., a lawyer or doctor or CPA etc.) service - work done by one person or group that benefits another; "budget separately for goods and services" from Aspect Security, including up to one week of on-site installation, data gathering, and initial configuration. Stratum8 APS-100 The Stratum8 APS-100 reduces Web application vulnerability to near zero by protecting against threats that are not detected by network based firewalls and intrusion detection systems. The APS-100 operates at the application layer and uses patent-pending behavior blocking Also known as "sandboxing," it is software that monitors the executable actions of potentially malicious software and prevents certain operations from taking place. Deleting files and modifying system settings are the kinds of actions that are prohibited. technology that learns an application's behavior, inspects incoming and outgoing traffic, and allows acceptable behaviors to be executed while blocking unacceptable behaviors. As a result, it protects against known and undocumented attacks without relying on signatures. As applications change and new functionality is added, the APS-100 dynamically learns new behaviors and adjusts security parameters accordingly. The APS-100 is a 1U rack-mountable device that typically installs in one hour. It is available from Stratum8 and its business partners worldwide. Pricing for the APS-100 starts at $25,000. About Stratum8 Founded in 2000, Stratum8 Networks develops quick-to-deploy, self-configuring security products that protect Web servers, Web applications and databases from known and undocumented vulnerabilities. Stratum8's customers are Fortune 1000 companies, leading Internet and e-commerce players, and government agencies that need to protect sensitive Web-based applications and data from unauthorized access or malicious use. Stratum8 is privately held and headquartered in Santa Clara, California Santa Clara, California (IPA: /ˌsæntəˈklærə/) , founded in 1777 and incorporated in 1852, is a city in Santa Clara County, in the U.S. state of California. . To contact Stratum8 call 408-850-0800, visit us on the Web at www.stratum8.com, or write to info@stratum8.com. About Aspect Security Aspect Security specializes in web application and web services (1) Loosely, any online service delivered over the Web. Such usage appears in articles from non-technical sources, but not in IT-oriented publications, because definition #2 below describes the correct use of the term. security. Aspect's expert staff is responsible for the security of financial, healthcare, biotechnology, e-commerce, Fortune 500, and government web applications. Aspect provides code review, penetration testing, policy development, and developer security training services to find, diagnose, and eliminate vulnerabilities in custom web application code. Aspect is privately held and headquartered in Columbia, Maryland Columbia is a census-designated place and planned community in Howard County, Maryland, United States. It is a suburb of Baltimore, and, to a lesser degree, Washington, DC. It began with the idea that a city could enhance its residents' quality of life. . To contact Aspect Security call 410-707-1487, visit us on the Web at www.aspectsecurity.com, or write to info@aspectsecurity.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion