|
(Click here to view actual
article)
July 30, 2003 - Applying
Adaptive Analysis to IIS Message Streams
BY JOHN DESMOND
eSecurity Planet Staff
ThreatSentry from Privacyware is an advanced neural
applications that combines modeled metrics and machine
learning to protect from known and undocumented network
threats. Version 1.0 is designed specifically to plug into
Microsoft's Internet Information Services (IIS) Web server.
Privacyware, a unit of PWI
Corp., a custom software development company with strong
ties to Moscow State University (MSU), leverages the
investment PWI has been making into a threat analysis engine
developed with the help of mathematical experts from MSU.
These experts are advanced in areas such as fuzzy
clustering, and supervised and unsupervised learning theory.
"Now we want to leverage our
unique competencies in more of a product model than a
services model," says Greg Salvato, CEO of Privacyware. Work
began in January 2002 on the Adaptive Security Engine, which
is an anomaly detection engine that helps establish a
baseline of what is normal, monitors for exceptions, then
adapts the baseline as time goes on. "The more you use it,
the more accurate it gets," says Salvato.
ThreatSentry is based on ASE
but is very focused on variables relevant to IIS. It
identifies events as either trusted or untrusted. For events
that exceed a threshold, it can send alerts, take preventive
action, add the source IP address to the blocked list, or
shut down IIS if necessary.
Documented exploit techniques
that it protects against include directory traversal,
parameter manipulation, buffer overflow, parser evasion,
high-bit shellcode, printer protocol and remote data
services. Using the product reduces risks related to lapses
in patch management, configuration errors and the use of new
attack techniques.
ThreatSentry is priced at $795
for a single server license. For two to four servers, the
price drops to $695 per unit; for five to 10 servers, $595
per unit.
***
For
more information on ThreatSentry visit:
http://www.privacyware.com/index_TS.html,
call 732-212-8110 x240, or email
info@privacyware.com.
About Privacyware
Privacyware is the
leading provider of advanced threat prevention and security
intelligence solutions. The combination of advanced
competencies in non-linear mathematics, neural networks and
self-learning systems, and proficiency in complex software
and systems development allows us to create innovative and
intelligent security solutions that are distinguished by
their ease of use, advanced analytic capabilities, and the
value they deliver to security staff and the greater
enterprise. Privacyware solutions fuel the organization’s
ability to make better decisions and remain a step ahead of
hackers and others seeking to compromise critical systems.
CONTACT: Greg Salvato of
Privacyware, +1-732-212-8110, x235.
|
