In previous blog posts, we’ve discussed the security issues that modern organizations face. Security was always seen as a necessary evil, something we had to do outside of our core business. The isolated company is a thing of the past. Today, in the internet and cloud era, security is inextricably linked to our business. Data security regulations and privacy laws, as well as brand image, have brought security out of the shadows and into the mainstream of our business. Having recognized the enormous impact this has on our business activities, we have realized that new approaches are needed: approaches that take the wider business into account, as our perimeter has become increasingly blurred.
One of the newly emerging areas that requires the most attention is linked to the idea of gaining real-time insight – i.e. “live” – into security threats. This is often referred to as “new-gen security”. Old-school security tools were static. Antivirus software and firewalls were designed to deal with known threats. Research has shown that while this category of tools still has its place, it now falls short when it comes to modern threats. For example, a study by Imperva, which examined the effectiveness of antivirus software, showed that 75% of software took a month or more to update their definitions. In a world where cybercriminals share information about software vulnerabilities freely and where 317 million malware items were distributed in 2014 alone, we are at a point where we can no longer rely on static tools. We need to rethink if we are to overcome this overwhelming threat. This is where the dynamic approach known as “live security insight” leads the way.
Live security insight
The threat landscape is in flux. Never before have there been so many security and data protection regulations. EU data protection regulations are among the strictest in the world, and the EU regularly provides funding – for example the Horizon 2020 fund – to improve data security and data protection. These aspects have become an integral part of our economic activity.
A new field has emerged that addresses the volatile, fluid nature of security threats. It is characterized by a proactive approach to security using flexible architecture models that can counter both known and future threats. This flexible approach to threat mitigation was a stated design goal in the development of USP Secure Entry Server® 5, providing your organization with visibility into potential security events and the practical means to strengthen your system and data integrity.
As mentioned in previous posts about the different types of web attacks, web security is one of the great challenges of our time. Applications with an interface that touches the cloud, or with other online touchpoints, are in principle vulnerable to countless web-based attack vectors. Some of these attacks, such as cross-site scripting (XSS), have increased massively. White Hat states that XSS and data leakage are the first and second most widespread types of attack that we need to guard against.
Web threats are dynamic in nature. As vulnerabilities appear, so does the malware that exploits them. To have any hope of coping with this increasingly sophisticated threat landscape of web attacks, we need a sharp, forward-looking pair of eyes to give us insight into this world. The USP Secure Entry Server® 5 is part of the new generation of security tools designed for use in a fluid and dynamic security environment.
The USP Secure Entry Server® acts like a watchdog. It sits, watches and waits for web attacks against your web application. It is an insurmountable security barrier and acts as the eyes and ears of a modern security strategy.
The USP Secure Entry Server® is part of the advanced security awareness your organization needs to stay ahead of web threats. Among other things, it uses security intelligence provided by the Open Web Application Security Project (OWASP). OWASP is an international group dedicated to improving software security at a time when we are entering new spheres such as the Internet of Things (IoT). The USP Secure Entry Server® 5 has a complete knowledge portfolio of all possible attack vectors: from brute force to cookie manipulation to the zero-day exploit, probably the most difficult attack vector to defend against. Our USP Secure Entry Server® covers the entire spectrum of web security requirements across all layers, from front-end access to back-end threats.
The USP Secure Entry Server® wouldn’t be as powerful if it didn’t have usable security. As mentioned in a previous post, complexity is the enemy of security. Our product has an intuitive graphical user interface that ensures that settings are applied correctly and that the monitoring of security alerts and events is presented realistically. We provide predefined templates that simplify security management workflows. This means your administrators won’t get lost in difficult-to-understand displays and miss important information. Security can be usable and user-friendly, and we’ve made this principle our design mantra.
Being vigilant and having live insight means you need a real-time dashboard that provides easy-to-understand and quick-to-interpret key operational data. One of the key features is real-time insight into your web application and its threats. These can be analyzed very easily with our advanced log viewer and enhanced analytics capabilities based on big data technology. To make version 5 of our Web Application Firewall even more usable, we have integrated the well-known SIEM (security information and event management) and monitoring solution Splunk. This means that you can use software that your employees are already familiar with.
A future based on “live insight”
There is a well-known saying: “danger recognized, danger averted”. It applies fully to today’s web security problems. As cybercriminals expand their arsenal against our web applications, we need to counter by being prepared. Preparation requires awareness, and it must be proactive and flexible. Live insight into web threats is the only way to withstand the onslaught. We need to avoid becoming a sad security statistic or appearing in the article about the latest big hacking coup. Having a vision doesn’t just mean seeing what the future might hold for our company. It also means looking into the future of security.