Sana Security's Primary Response Protects Against Critical Vulnerability in Microsoft Servers; Latest RPC Exposure Highlights Patching Dilemma.

Business Editors/High-Tech Writers

SAN MATEO, Calif.--(BUSINESS WIRE)--Sept. 10, 2003

Sana Security, Inc., a leading vendor of application security software, announced that its Primary Response product protects applications running on Microsoft server operating platforms from the vulnerabilities, announced today by Microsoft, associated with the DCOM (Distributed Component Object Model) and RPC Service. Industry experts predict that exploits targeting the vulnerability will materialize in an even shorter timeframe than those that led to the recent outbreak of MSBlaster and derivative worms. The execution of another patching fire drill -- updating thousands of systems to protect against a new series of attacks -- has the potential to overload enterprise IT organizations still recovering from the Blaster, Nachi and Welchia chain of events.

"All hell is likely to break loose fairly soon because it should be really trivial to write a new worm that exploits these vulnerabilities, and most systems will be unpatched," said Dr. Steven Hofmeyr, founder and chief scientist of Sana Security. "This is another clear illustration of how a reactive approach to securing server applications, using information available only after the vulnerability has been discovered, will not work."

The Primary Response product automatically builds a profile of a protected application's normal behavior based on the code paths of the running program, and then continually monitors those code paths for deviations from the norm. Primary Response initializes the application profile with an inherent capability to identify behaviors that would not be legitimate under any circumstances, providing a solid baseline of protection as soon as Primary Response is deployed. Because vulnerability exploits are not part of normal application behavior, Primary Response automatically detects and prevents these exploits as soon as they take applications down unexpected code paths, blocking bad behavior while otherwise leaving the application running and intact. This breakthrough design delivers truly automated and effective detection and termination of attacks, unmatched by signature- or rule-based products.

Primary Response also gives organizations a compensating control: administrators can specify with fine granularity which application activities are blocked when an exploit is detected. The ability to configure a range of blocking responses on an application-specific basis enables administrators to take steps to eliminate risk even in advance of the availability of a vendor-provided patch. These protection capabilities translate directly to a business benefit by eliminating the 'escalated risk window' that opens when the vulnerability and associated patches are announced and stays open until the patch can be deployed across all vulnerable systems. This allows administrators to more cost-effectively manage what can be a complicated and time-consuming exercise.

About Sana Security

Sana Security develops and markets application security software that provides the most accurate, automated and effective detection and prevention of attacks for standard and custom server applications on major platforms. Founded to commercialize breakthrough Sana Platform (SP) technology developed by Dr. Hofmeyr, Sana Security's first product, Primary Response, provides server-based application security employing a fundamentally different methodology than knowledge-based products, eliminating the need for constant updating and management by security experts and significantly reducing total cost of ownership for the enterprise. Sana Security is funded by leading venture capital firms Sevin Rosen Funds and El Dorado Ventures. The company is headquartered in San Mateo, Calif. For additional information about Sana Security and the company's Primary Response products, visit
COPYRIGHT 2003 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2003, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.
