Page Two

By Dennis Fisher  |  Posted 2003-01-21 Print this article Print

: Stopping Attacks in Their Tracks"> eWeek: Whats the thinking behind the virtual patch technology? Klaus: Over time, people have become dependent on vendor-released patches as the first line of defense. But the average amount of time it takes to get one of those out is about six months from the time the vulnerability is found. We can provide the same kind of protection on the agent without affecting the underlying application. The standard security expert answer has been to go and turn off whatever services youre not using. But that can take a long time and sometimes you have to go into the registry and mess around and you never know what can happen. So we said, lets just block it instead of turning it off. Its much easier, its cheaper and its just as effective. It can prevent attack packets from getting to the target. Its the same protection level as a patch without really changing the system. We just need to make sure were accurately detecting the packets. Our goal is to reduce false positives to zero.
eWeek: The protection against unknown attacks is clearly a big part of this.
Klaus: Yeah, were investing in a lot of technologies to detect unknown attacks. We cant prevent everything. But anyone who tells you they can detect them all is selling snake oil. Were just at the beginning of all of this.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel