Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Applications
    • Applications
    • Cybersecurity
    • Development
    • IT Management
    • Networking

    Security Vendors Offer Free Zero-Day Tools

    Written by

    Matt Hines
    Published December 7, 2006
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Just in time for the holiday season, a trio of security applications makers released free resources aimed at helping businesses and users identify potential software vulnerabilities on their computers.

      To help stem the rush of so-called zero-day threats that seek to take advantage of previously undiscovered software flaws and drop malware onto users PCs, applications vendors eEye Digital Security, Secunia and Sourcefire published new information sites and desktop scanning tools intended to help root out program glitches that could lead to future attacks.

      eEye of Aliso Viejo, Calif., which markets network security and vulnerability management software, introduced a vulnerability tracking site focused exclusively on tracking emerging flaws, dubbed the Zero-Day Tracker.

      The online resource offers detailed information and analysis, along with remediation strategies related to new security vulnerabilities, including some data the company said is not available from any other source.

      Operated by the companys eEye Research unit, the Zero-Day Tracker promises to elaborate on individual vulnerabilities independent of other reports. It also aims to separate less serious flaws that could be used to carry out conceptual denial-of-service attacks from vulnerabilities that can be used to deliver more severe malware threats.

      eEye officials said that they launched the effort based on the sheer volume of calls they have received about the zero-day problem.

      “The increasing proliferation of zero-day vulnerabilities means the previous window of opportunity IT had to secure networks between the release of a software patch and an attack has been slammed shut,” Marc Maiffret, chief technology officer at eEye, said in a statement.

      “More zero-day security vulnerabilities and attacks are being discovered every day and dealing with them can easily dominate an enterprises IT efforts. As a result, weve been overwhelmed by requests from our customers to give them the information and time they need to protect their networks.”

      The software maker said it would constantly update the site with new vulnerability data, and offer users the ability to make suggestions regarding flaws that have yet to be detailed on the resource.

      Secunia, of Copenhagen, Denmark, which makes vulnerability management software, launched a free zero-day flaw scanning application labeled Software Inspector to help companies locate potential weak points in their IT infrastructure.

      /zimages/2/28571.gifMicrosoft issues Word zero-day attack alert. Click here to read more.

      Created through the combination of several elements of the companys products, specifically its Secunia File Signatures, and Advisory Intelligence technologies, the Software Inspector promises to detect both missing security patches and insecure versions of programs installed on users computers.

      Secunias File Signatures are specialized rules for identifying installed applications and their exact versions on Microsoft Windows based systems, and the form said its complete database currently contains more than 110,000 guidelines for searching for more than 4,000 unique applications and their exact configurations.

      Sourcefire, a provider of network intrusion detection software based in Columbia, Md., announced the availability of OfficeCat, a free security tool that promises to help companies identify potential threats in Microsoft Office files.

      Unlike products that are used to detect attempts to exploit previously-reported Microsoft vulnerabilities, Sourcefire said that OfficeCat is specifically geared to test if a Windows file contains potential security risks before it is ever opened.

      Sourcefire is best known as the creator of the popular open-source intrusion prevention and detection technology known as Snort.

      “As security threats continue to evolve, Sourcefire is dedicated to delivering solutions for both commercial users and the open-source community that enable users to protect themselves from attacks against their networks and information,” said Matt Watchinski, director of the Sourcefire Vulnerability Research Team.

      “OfficeCat fills a unique need among users to identify potential avenues of attack that can significantly impact their network security. As one of the leading network security research organizations, our goal is to provide users with the best possible security backed by the latest discoveries.”

      In its annual report of the top 20 most serious security issues in the world released in mid-November, research and education specialists SANS Institute ranked zero-day flaws as one of the most pressing issues for enterprise IT administrators.

      Along with the increasing professionalism of malicious hackers, zero-day exploits will continue to haunt businesses in 2007, SANS experts said.

      “Weve come from a world of disruptive behavior that was easy to see, with the trend moving toward value orientation from criminals who dont want their work to be noticed,” said Marc Sachs, director of SANS Internet Storm Center research group.

      “The most effective way for them to do that is to use vulnerabilities that targets have no means of patching, or zero-day attacks, and we expect the amount of activity along those lines to continue to increase.”

      Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.

      Matt Hines
      Matt Hines

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.