IBM, Loudcloud Expand Security Offerings

In an effort to capitalize on the interest in all things security, IBM and Loudcloud Inc. last week announced expanded security service offerings, with an emphasis on vulnerability assessment and intrusion detection.

Among the offerings from IBM Global Services are enhanced intrusion detection and vulnerability assessments, security policy assessments, managed firewall services, and virtual private network and authentication services.

The Armonk, N.Y., company named Rusine Mitchell-Sinclair to head the Global Services Safety and Security Practice and Elizabeth Primrose-Smith to run its new Office of Global Security Solutions.

Much of the impetus for the offerings and the reorganization came from customer requests in the aftermath of the terrorist attacks in September, company officials said. While IBM has long had a significant presence in the security market, customers began asking for larger solutions that included biometrics as well as assessments of their companies physical site security and safety.

“This is a large corporate initiative that we feel addresses what customers have been requesting of us,” Mitchell-Sinclair said. “Weve really strengthened our offerings and can now offer a holistic approach to linking different platforms so we can do complete assessments.”

New York-based security consultant Kroll Inc. will work with IBM to provide physical security assessments, IT infrastructure security assessments, gap analysis and recommendations as to what customers can do to prevent physical or computer attacks.

Loudcloud, meanwhile, is expanding the security options available to the customers of its managed hosting service.

A unique aspect of the offerings is an application code review, during which experts will pore over a customers software code in an effort to root out insecure coding techniques.

Loudcloud, of Sunnyvale, Calif., has partnered with @stake Inc., a Cambridge, Mass., security consultancy, whose experts will perform the code reviews.

@stake will also be handling the application attack simulations that are part of the offerings. The consultants will use @stakes proprietary penetration-testing tools to simulate threats, find vulnerabilities and confirm possible exploitations.

Loudcloud is also offering vulnerability analysis and intrusion detection assessment services that will give customers detailed reports of their networks weaknesses along with recommended steps to remedy problems.