Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Development
    • IT Management
    • Networking

    Security Vendors Offer Free Zero-Day Tools

    By
    Matt Hines
    -
    December 7, 2006
    Share
    Facebook
    Twitter
    Linkedin

      Just in time for the holiday season, a trio of security applications makers released free resources aimed at helping businesses and users identify potential software vulnerabilities on their computers.

      To help stem the rush of so-called zero-day threats that seek to take advantage of previously undiscovered software flaws and drop malware onto users PCs, applications vendors eEye Digital Security, Secunia and Sourcefire published new information sites and desktop scanning tools intended to help root out program glitches that could lead to future attacks.

      eEye of Aliso Viejo, Calif., which markets network security and vulnerability management software, introduced a vulnerability tracking site focused exclusively on tracking emerging flaws, dubbed the Zero-Day Tracker.

      The online resource offers detailed information and analysis, along with remediation strategies related to new security vulnerabilities, including some data the company said is not available from any other source.

      Operated by the companys eEye Research unit, the Zero-Day Tracker promises to elaborate on individual vulnerabilities independent of other reports. It also aims to separate less serious flaws that could be used to carry out conceptual denial-of-service attacks from vulnerabilities that can be used to deliver more severe malware threats.

      eEye officials said that they launched the effort based on the sheer volume of calls they have received about the zero-day problem.

      “The increasing proliferation of zero-day vulnerabilities means the previous window of opportunity IT had to secure networks between the release of a software patch and an attack has been slammed shut,” Marc Maiffret, chief technology officer at eEye, said in a statement.

      “More zero-day security vulnerabilities and attacks are being discovered every day and dealing with them can easily dominate an enterprises IT efforts. As a result, weve been overwhelmed by requests from our customers to give them the information and time they need to protect their networks.”

      The software maker said it would constantly update the site with new vulnerability data, and offer users the ability to make suggestions regarding flaws that have yet to be detailed on the resource.

      Secunia, of Copenhagen, Denmark, which makes vulnerability management software, launched a free zero-day flaw scanning application labeled Software Inspector to help companies locate potential weak points in their IT infrastructure.

      /zimages/2/28571.gifMicrosoft issues Word zero-day attack alert. Click here to read more.

      Created through the combination of several elements of the companys products, specifically its Secunia File Signatures, and Advisory Intelligence technologies, the Software Inspector promises to detect both missing security patches and insecure versions of programs installed on users computers.

      Secunias File Signatures are specialized rules for identifying installed applications and their exact versions on Microsoft Windows based systems, and the form said its complete database currently contains more than 110,000 guidelines for searching for more than 4,000 unique applications and their exact configurations.

      Sourcefire, a provider of network intrusion detection software based in Columbia, Md., announced the availability of OfficeCat, a free security tool that promises to help companies identify potential threats in Microsoft Office files.

      Unlike products that are used to detect attempts to exploit previously-reported Microsoft vulnerabilities, Sourcefire said that OfficeCat is specifically geared to test if a Windows file contains potential security risks before it is ever opened.

      Sourcefire is best known as the creator of the popular open-source intrusion prevention and detection technology known as Snort.

      “As security threats continue to evolve, Sourcefire is dedicated to delivering solutions for both commercial users and the open-source community that enable users to protect themselves from attacks against their networks and information,” said Matt Watchinski, director of the Sourcefire Vulnerability Research Team.

      “OfficeCat fills a unique need among users to identify potential avenues of attack that can significantly impact their network security. As one of the leading network security research organizations, our goal is to provide users with the best possible security backed by the latest discoveries.”

      In its annual report of the top 20 most serious security issues in the world released in mid-November, research and education specialists SANS Institute ranked zero-day flaws as one of the most pressing issues for enterprise IT administrators.

      Along with the increasing professionalism of malicious hackers, zero-day exploits will continue to haunt businesses in 2007, SANS experts said.

      “Weve come from a world of disruptive behavior that was easy to see, with the trend moving toward value orientation from criminals who dont want their work to be noticed,” said Marc Sachs, director of SANS Internet Storm Center research group.

      “The most effective way for them to do that is to use vulnerabilities that targets have no means of patching, or zero-day attacks, and we expect the amount of activity along those lines to continue to increase.”

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.

      Avatar
      Matt Hines

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×