Search Engines - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Search Engines


Microsoft, Symantec Might Clash in Application Security



 By: Matt Hines
2007-02-01
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Search Engines story.


Rate This Article:
Poor Best
With both software makers setting their sights on the burgeoning application security space, some market watchers believe the partners will be more likely to compete than cooperate.

With malware code writers creating an increasing number of attacks aimed at exploiting vulnerabilities in software applications, in addition to their threats that target operating system flaws, longtime partners Symantec and Microsoft are both attempting to stake major claims in the application security market.

While Symantecs play is more straightforward, having targeted the sector with a range of products and services since 2005, Microsoft is believed to be readying a slew of offerings it will market to third-party software developers to help those firms drum potential vulnerabilities out of their products.

Microsofts failure to identify weak points in its own software, specifically its Windows OS, has been a highly publicized issue for many years, but the company claims to have turned over a new leaf.

In the process of building its newly launched Windows Vista OS, the Redmond, Wash.-based software maker employed a new vulnerability detection process labeled SDL (Security Development Lifecycle), that claims to have greatly reduced the number of holes in its products, and which will also serve as a foundation for the firms nascent applications security business.

Resource Library:

Thus far, the full extent of Microsofts plans in the segment remain unclear, but it is already providing information about SDL to other developers through one-on-one consulting sessions, along with publishing details of its work online and in a book.

Company officials offer few details of the software makers long-term strategy in applications security, but Microsoft has made it abundantly clear over the past year that it is set on growing its presence in the larger security software arena.

"Microsoft realizes that security researchers and malicious attackers will not confine themselves to Microsoft products," company representatives said in a statement. "Our efforts are resulting in significant improvements in the security of our software, and we have every confidence that, together with our industry partners, well continue to meet the constantly evolving challenge to help our customers and the industry to become more secure."

However, some experts contend that Microsoft is also developing products that will compete directly with those made by companies such as Symantec, based in Cupertino, Calif., including SDL-based software tools used to scan third-party applications for security flaws.

"Microsoft is moving into applications security in a big way, with source code scanning tools in the works," said Ed Adams, chief executive of Security Innovations, an applications risk management consulting firm based in Wilmington, Mass. "They want to take SDL and roll out services and solutions around it to market to other software developers, and that could become a pretty big business."

Microsofts August 2006 leap into Symantecs home turf in the consumer anti-virus market, with the launch of its OneCare product line, is presently one of the biggest stories in the security market, with the increased competition pushing longtime market leader Symantec to explore new market opportunities as one of its leading sources of revenue comes under pressure.

To read more about Microsoft and Symantecs jostle for security supremacy, click here.

Adding another wrinkle to the potential rivalry developing between the two firms in the applications security market are the companies respective relationships with consultant Accenture.

Symantec announced a joint initiative with the Hamilton, Bermuda-based company in October 2006, dubbed Accenture and Symantec Security Transformation Services. Microsoft has long maintained close bonds with Accenture, with the partners having operated their Avanade joint venture together since 2000.

One of the three areas the Symantec-Accenture tie-up is focusing on is applications security, along with regulatory compliance and security monitoring.

"Symantecs partnership with Accenture could be an interesting point of strain for Microsoft," Adams said. "Anything Microsoft creates in terms of security applications services will likely go through partners like Accenture; Microsoft could end up being troubled by the work with Symantec if theyre counting on Accenture to roll out those types of services."

Officials from Accenture working on the Security Transformation Services project downplayed any competitive issues arising from the companys various partnerships, but recognized the advantage that the group feels it will have over anything launched by Microsoft in the applications security market, that being, the ability to work with the many developers building products not designed to run on Microsoft systems.

"Few organizations have a monoculture around development platforms, and were most often in the position of supporting Microsoft-based components along with everything else that you find out there," said Jesse Bowen, managing director of the Accenture-Symantec initiative.

"We work with Microsoft a lot, and will continue to do so, and there may be cases where customers of [the Symantec venture] are Microsoft focused that we will look to them for support," Bowen said. "But security is not our primary focus with Microsoft, as opposed to Symantec, who brings market-leading capabilities to our joint initiative."

Industry analysts said Accenture will likely drive a lot of business from both vendors, with the only real area of competition between Microsoft and Symantec arising in the market for applications security tools designed to be used with Windows applications and other Microsoft-oriented programs.

However, Symantecs core business has long been built around providing products that secure Microsoft technologies, said John Oltsik, an analyst with Enterprise Strategy Group, Milford, Mass. Despite that, the analyst said there should be room for both Microsoft and Symantec to expand their presence in the applications security market.

"Microsoft will focus on Windows, and Symantec will focus on heterogeneous environments, and Accenture will play both cards, so even though there may be some competition, everyone will look to find a niche and exploit it," Oltsik said.

"Accenture wins, but Microsoft will make sure to align with someone else like EDS or BearingPoint; Symantec needs to build a business and hope Accenture will play, [Symantec] will have to drive things if that effort is going to grow."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.



  Reader Comments: Microsoft, Symantec Might Clash in Application Security
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Search Engines Articles          >>> More By Matt Hines
 


x}ks㶲*Q3Co{)ٖ:c[>fIm"!1EꐔmM /=hɏsw-ݍFλ$i9#r3݉k}jx֢w.? dYf0TE[ \Ϥ^=Am۟@Ou 5r9:r z>;| `OS;S uɘZqPɈQߕ>}^~d w .prLQm/5xuK`nzN<>Qu)pgEQ6'k[ tN W*En8ѽ/De)l*F<w/k ;FqL {.Yu^?>خq8]b'(#O^2lְB1BEu#I%ߧ' ڪ8NQp'F:pm3E kLN\^@Zˆ螥{ɧ5u5I  1A 4cT8ny8DrHn6, шj)1Bmȳؖ`>N8CYnհ}= :Ѝs<8]Ԓ],r,U)0wS&>dRrpXda=}ٗe̛ V4öCٰo4TiUE9(TR8Eo[¥̝ wƨ?=Sʪ)J{>̑GAnkp[J^׵V8o]u|nkr m  o$&7 JDTRB`$" Pc@GG$@Bs.oVS+ZV@+(H.#I-LczO`% pbQUrn'SK׺jw[::=jN|bP+Mz(#1hgxk_-:O.9ǝ.9\QŝyN4Aq'3 j__[v\? /mxR&:aZ+U#1t9}lq.?HN‘,ɯ3`HBi۲ܺȑ\ yɽ+aXY|Dͼ94o o$E@;- u +Ukoڏ`Kc7 t$u[5Hr Ca)#p?c݃EpJq䰉kYSl \o4'M2Xʅ U >hI,A[!f}N}%I FʋCPsiZn-@sՇ{u4Aοw|H{ }PI}H V=H:}m5A%GC-ߟL-u#09wwɭ5yP+wM@Ab!,{DM}PC\7 >)d@}> QmVl}`٠1 5g%~J;r%FaA.G))(I&BD(jHB !Alq[$p hpd+ ~Gy-}"!bTLj['5TxB#}T/QύWR1b -xkb~I(l eZ&zφaLlDV^, U u5Mus6 z`NơGSyjVRTEAzdEWl;Ki;COΌ`-/Aw GLxŒ}Dž7˘6B=\[áeX4Gl9ZDQsؽ#Ќ7_ayaAz3=2齅dO,dfLAqϝ0h JdB a3s]mtgKz4'R\ժro}l* s%rG|增5 JxP?3LeDf{,D!', %*e+)ܲPӔ +, +1.I/uzS܊)9Awes貝Fi{_f]ZЬ Vv/::A']օVPK=o@y dh{Kmkaԕ %/EA nbZG:XG4~N/a+)WKivwaZC>׉c UVjG&,m+^ȃ[)Z@jjXL٠beZ-m*'=eGhJ37k8FUE8` ;jk {Ltz< ZвO[|?xtqj 1مUk;kP0KJAUcϓasMD@{nv2Tˣ6Wеm.3hΕ9 X)9Y8 p_k@l8$T2Paa0] etaؼ/kьV4;M809N܁e l*IH aݻ(Qܥ& ;oæ#_- C>(epHl`_<> B LRE\A v1v1UEP= ]g7u$vT<)K.̟ sWyGf[?Kyx}ˬ7? '_Z^Sz~Agf-%ߙۼagcFHde#7\@ ;RUw/5X )2)<:`rUTՑn OhGA.C{7Mt `LDЬ 0Դ'siM dwPJ |~CZh7H"v.eۏU)&Uj l|ZsG<֔H+  c5}u2*Z}\AYYr:iwx29c5kivO #ָX[љ#Wh xQ IR~kZѲ 'y6cIQ ]r<->q 7lj%Ə@?(<Z\"h 'Zfk}#}{-%8r zDİ{~UM+%uA2YSIpg#H隱Juu Tلi\RT5kݿx n9zg⇺q3ǿZvLzwOASB9!^-1(SsM7b ڵ t1G;*}z)O#ʌ)EoS Ymq'&.҄^\\fvuq뿌UcxPRaƵbR/g ?+>Ta#DU}d5Oӑ?6!VɕFZV/&IC{FY(,.>&CUX)TԒ/IXᐋqAɜ]Aр-\v8Okps!p/O A'GZMʵ,] ?ۤTV<^}9=ף~@L@=tP3)[&4Ɲ5/ Tcfa2J(K{a&LXu@j:, U)7OLJZZ$lp쑑 ztwce4qyi7L5Luox4 x5H;O5?p[e_7@|PIn:H墦AkR;qG;a#rn&3{G 2ɢ\' WeRU@o8H3AJ j ;!q[6xDs?=a?v-49^IkԈ3x0O /V(YqALohqNL _~ۅ^kUeAbcE6 k{J~Zg^p 4,+?v~nNIAc't&/[]WORů-Ӹoٷ!KNbw}lɾ3zZ^6+^6L;kB k;$V9zsy}!}9\[z}ђ:֓!Y>BVݧ=GgUxq)qm2G42zqaL [^p@ښҹ:n]qbAjNZ _Ok5W&'7e8X;H_aߪ,$"0!WtryE9{B*q^5D2sYA6^SF(+bK)"$DY |iǭU^_f~3bt8|Qt"wۿBWo1r!~_!cߗ&8~ P֬=8Ymrl%׸zq3~2)}B/g-9˝~@Ҵ(o =%(E:[W@dl&u"J U=Kz=O?{( chwa(>P$-zdennKl?aRLɔ&.)|Lhk'IZV6X(4%!4T^ЌObCYF*]7' ҽl^lpVPto6+b)-H T䵤 W[YgUH.~oJ 6 HVz@0HreZA=jOw&X{yr?g7?IȸGu*bl_@ݮ0n`e쭿n;ft,z;jw\}NFxCucLƋ=95i'~Ǽ1^i ~]jsWJ-sDܩPn;ʳ0"'<[$Dӝ薃CLH׺"͋/S+]F'=g7omT2#| Yx2M3}:JfZҼ4iAp3O7nC\~d](5?_eܰKw= =z [,rK"JqMԈ@jhir,N,r`UzH^8؈ڽ] vUF6m>-SZ~D Rf7mMNi j&Όs{$gr0 *yp\v]w71&pQx266y)1hTRop8lf8w  ֍N( 7V9e W_7zkVy} |x|Svz7ߎ7cLPF<U%p1-Koϱ !C9ߨ3[Gͨ_ <s(u߂[d[:G,_ y4u2j\*M&t_n:98ٿ~9+ֻ7FWA~Su9X,W6ƞ;%=ꐞ5e o)iюo+E6UYC}:ا-G!r'ےvzhJMF{m2\\#O9B}f;ҝv4՞H燮nϏP/"ȵAW|rnSS DsCDv'oaI ]_+@i=I529`Gouy™.ǝZFw6QHGl,d΀Dz1 SA\Q1O|4({6Xk1*aH;Ȃ @>u爛B$d5=9Fes:3S^>vc"PjGUKzg[QP?Z'IE'Tt_H&ثdz)5qXIUI?yRE-]Vk{ ܂pK}G*U j)4{Jk1$$ayL5aaR%rHyd]zi/{)}Ă=`_[E]>`eݦ^зSg4,V\@+J4Z)1Zg*Gt3ټIo!~}# ,BH/ $(;b0Ù57o9]!(K}„hH9g{L*>!E5,Tn 3ٺ5bP}"VCCu"#}z)4%)^th Icm\zwo*IJmZj5_r>wHͯ|Kq(n]P(J1] IH$ '#Dol]e+ I*M)x  }^Z$Rw>ѡt3珑X(1~/n9m"6a ,x){ 4-Qߖh<#d)%ÑEO%l ҅y9ͩ/U5E)nDHD IFuFIBn8Ɔ!ʛRTVV'їUE=Cug)7$,h$Ct_BZƂ*$J(a@ eLwPH2HK~}KK )cpxDsQcrI8vhL]K̗#sivnJ%CP"A%0P!x>jVNtNB_ܹ{˴9[:>7|\ WQi\ Vg@"mXNY]yU\=śߍߍߍߍO7m+ qԙRwf3[e?}7%qi앃+GxMo{hSsDo=#y$V!ei/LYm lu׃9L|4Ϧ>xE} (eQ76.!%qC,|w:S_etݼhߕM(!"; O8|*$Bz9 .3 l6siCU(D9,C%/ג6bcɤV| a :}i .P듐x RلYv+ۗDnxnznS _\ +:  A<[Sx۔ސ6}Zu\jTʰ{Sk?{9*_Do2r4Vo8?皟ecc4x c#,5$ xt Y|l :}ae{~7 ~7 ~7 ~7 r`V 4hX.8A?"_H|9O$⾦k[&Š֠)GE+عFnr-rj: 6{Bu\}iz,jyê+ڰntsO7k<\[іUz퉮/.`fE p NQۆFGP-{oU^Q QOL.>ʤrid_CՐͳa%I:cM闷1sI3ˆ N+@Gȁ<)p鹷*K7`WcXa_Ӌ֋`Z "("ؾη6JE32!Lv'Ks2X`sHXi%:)Decb/oX>r.q72DՈW7k `a\2sm p'Ə?ijh,oty/7_)k%|R$GnG@+( .Wg遗2_*:um).&.վ&˸RrW|kfN"F^{v@]ӚB-`X$;65奙t=mZA˽=V4 mX[`cX׈gEq;ONaYm}m-6,щ{K"|eX -]߉P֭74}Am @ȼ#MԬE5VfX)l%"Q0MW+ℱfneq93?:H4T/"xHKOuztowwv]g4ֵ7 d5XOV/Ym/p}cHv˼(jM^,Nܓ atoub%6Y3'g(0dCBt e"|b7?A?fp?c͝~Ke ߱yHY=X6# ~VxrzS, u`ڳF!;Opl R/׻a@amIYIzĢnjS0e f4~Su&1F[ω7zX#? MH)`G%==B~B;$TXT0AƵ3D!PS\>vgq'H\ {Dgȏ;y(ʊvמQ|lڏ^·p*ju<6i#,dN^I YêPة;80=B0? L68~܉^",p痈Z8䄲mPz+I#샒=%hcG? ,Qx}(Ds.2?:(-ķVFXzj"ZOx$ǍYV./>l?QX2  /(_7DF \sj61%R>&sjVQjj~zr_ZRӂ,w)do=7:է[c7lek[`ɣS#ԄXpU) & tf,-F%5R`s̴ܧ5ԈbvӚ \lzZC읪B[7>V]^q=o7/ݙAVnVt&[wnVD܀cuQaNa)Cc,XjH"`G26CR˰0-|ri;.RU!sH"̦vB ?ZA)r`!?感F_+UMhբ jG@VT9v~GJ4r[#VONAC &xڣGF^G<0RI+[g8l֠ [&{gMsX,kG J&_KO>:ÂP1,@'0eۡǪchGKk a[¥4CNgH}#nAš Mtl*vUZ TJ j'ϳW[ ByFh#/V7kk0,9)K xfZ-j%FG0 ,o%1q8 @Twtc08 ;l݈uXy0W0r-h#jO5ttRrEu.bd*f&3ZIikxg8 B<1E]F}(G #n$YZmI&{|>o{OxR(kUeA(;Z@kbҾp@;q~ܒy'||]Q'uyp IEeE.dc$q<]śP8<ٟ ܰn󟢁o8gkH0jCL9ǫRS ƈn_dÀ3[]NŰDlĤ c 4FH[~s3U˸Z 45aAv\N~c㗌?#BLk83D KXa؊6Sp_t/ qG>wڗZj !1g昡Gi>'߀URž P"W ]N"@ ' !\%%n4W3>n3/Lh0vA>0<(SG]ĝ?]w7AP/: Xf`4ܳ)ul9t:WeOLg>򳉁{t39rRS¤vxX-><' .yHcI 8^iN4X+k7,X2| >܇>Rh̘_[*uUԾRk]j)q^]y} YV^"Uӄ\I \A]t/ PIZ  w{Pɾe{A%͈ŵ7֝:4//ϾiVt?vڗv:x Zѷptԭs9rԹrҾh]^/zƉ7y?Kyl21^ 3%,C rr<瀟 3yA@C|}}5_g^g55u%:IX gK8=Rfr z)A^dկ?e$#@~Nɠ2lc/3\.2Kܿw2~6RAk_u qʕx^Syښ薽VqۭMnX_KG{2Pi +{ ϹO 2 r hxWYdbd b{Xe?~VP枔u]SRMj. {%])2-XѦZ}5y^9=U26CK}_A*oND6KA1wQ' oL2f~4ĎbSy3W]xwPn$x?5Wx-Cԫ}\<ڎNޝ{f08O6? K\<. 쎧};=W](8xZLԸGpkQV =<5|37>RqFPgN%^TEblR/O>*8uߚLu8i$xH&''R?ưsW3@Yt5^Bm ~0}#uRiErT)~ܑN0mFGS10)5ɪ"+Uw9 ط]V++R0X^*(d@#غ̏7x#xC7@OG=wHX&58L"-76@cuc߻E} CB/ -&ȷ:ѧ_]z \Z=bp*WYn&`XC,+&lybobbrֆ:9nVeɱF?]  AR=d."< CϾty9B"ryww[ 8]xm8 p0aၽⲯ7F ߶`kR0F301ss>Q70icоu8b5$1x_059xcӍAb毜nOlDm@(~ L݆{|}uP }±-{˳NVmbMʮnG)\DEs5 X 9c2K'[sD~lW3&?eoITK]S/?D6^4Da\WvBaI&rf,fzg 5)D>*#lOʗl,&1 KJDIl7U/{@{ SN(|Q\k֊,#!1苄IMC xc͙*q/wi!{sF}(0#7'DJ  Vj /McA۾؊W׊?&o4 0z< @SH<hq,>F^<2\$%4-ϫ1E![%% 9vc{]/I)H[aD6Nwn =c,^b>0v!$[0W6p|!g2D~kB=&*P=fZ v,0%^z'O֒Ǎƶ >=v|"eI.~;N>TIHq,>avEC3`C^HjO(tۆOncC Am{';*lٹs˜0L1Д8ڶRCKA#4 +eh[b ic%pgt!M# nԱw 7g}74| צJ,"Q*m|? /e;:з 57`(P| ӽ9>g(N~")1v/->ʐXh[eR@V)tnO˞3狰BVx3AEK,^rEXٽ$'q{hՁG0>q7Kl@ cwQ bzٛGm;qr2M9RmS-(-]?X71Ȟ<u}۲|lږa=tk`CΌ6   =[=܊;~C1F`묞 lI12, $8jVI6;;:7&|iy-ccC v_ʉ~ph[?"Y>A wvǰY0!Ƨ7OЧUHF> T.9ϭn/]2H"<-#w:g!/|7_#[]2*N-Z7=w KpF u #'yQï3=ljٳ6Lc\9,BCi6aQ1bPrY*0O_k52lv.2X( Ŵ"&D0;'%_G R"la$rR3 ⷇ET z.t3^\/4Nyv{ϼ󡟼0SS2wħ$Ywg@sOgr|A>&:x~ea= V]*gꙺVn7oCoy6=xT2V* wV|VtƦI21qzRSFsv*|(6lS24s_hjBjxTȉ~q[96aNw6~ȄM#^vecJ;>)