Stopping Attacks in Their Tracks
Interview: ISS CTO Christopher Klaus details his company's new strategy to tackling security threats.ATLANTAWhen Internet Security Systems Inc. began in 1994, it was one of the pioneers in the intrusion-detection and vulnerability-assessment markets. The companys Internet Scanner software, written by founder and chief technology officer Christopher Klaus, was one of the first applications to be able to find and fix software vulnerabilities. But security threats and attacks have morphed and become far more sophisticated in the last nine years, making such capabilities less effective. In response, ISS recently introduced its new Dynamic Threat Protection system, designed to identify and thwart unknown attacks while theyre in progress. Senior Editor Dennis Fisher sat down with Klaus at ISS headquarters last week to discuss the new technology and its application in the evolving security landscape. eWeek: How did this strategy come about? Its obviously something youve been working on for quite a while. Klaus: Its been kind of the missing link in this industry for a while. Patch management isnt working. People do vulnerability assessments and they get this huge book of vulnerabilities and dont know what to do with it. We just use vulnerability detection as a feedback loop in threat detection and assessment to say, where are you not protected? If you think about security as a car, most people just sell you one piece, like a transmission or an engine without telling you that you need the other parts. Were providing people a sports car to go from point A to point B. The customer needs to be educated at a higher level to say, Youre really buying a car and its not just all these little pieces. We wanted it all integrated as one protection system.
eWeek: Im sure youve talked to a lot of customers about this already. Is this something that they see the need for?