I've read a lot recently about "self-defending" application security products -- those that can be integrated into...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
an enterprise application to ward off application hacks, subversion and piracy. How do these products work? Do they really do anything new?
Ask the Expert
SearchSecurity expert Michael Cobb is standing by to answer your questions about enterprise application security and platform security. Submit your question via email. (All questions are anonymous.)
The term "self-defending" is becoming a popular marketing tagline among vendors trying to make their products stand out in a crowded security products marketplace. As a variety of vendors are now touting "self-defending" products, it tends to have a slightly different meaning, depending on which product description you're reading.
Software security vendor Metaforic, for example, has launched what it claims to be the first and only automated, self-defending, anti-tamper software. Metaforic Core "enables software creators to automatically infuse a software immune system into their programs," according to the vendor's product description, which means deployed instances can supposedly defend themselves from a variety of threats, including hackers, targeted malware and insider betrayal. It does this by constantly running a variety of integrity checks without relying on the operating system to enforce code signing. Jailbreaking an Apple iPhone, for example, subverts its code-signing control.
While Metaforic is targeting developers, Mocana's Mobile App Protection product integrates into existing mobile device management suites and enterprise app stores. It puts a security wrapper around mobile apps to protect sensitive data using access control, data in motion and at rest protection; it also secures data sharing between applications. Using a wrapper methodology removes the need to modify the application's source code. The result is what the company calls a "self-defending app."
Similarly, data protection vendor Covata's Secure Objects is described as "self-defending data" -- yet another approach. By combining data encryption and rights management to data, it can be protected "regardless of its format, status or location." By focusing on the data, it should be usable across devices, operating systems or applications, regardless of type.
This approach is hardly the exclusive domain of startups. The strategy of Cisco Systems' Self-Defending Network -- possibly the first product to use the term "self-defending" -- is to integrate network security into the fabric of the enterprise network, which the vendor claims allows it to adapt to new threats and collaborate across multiple capabilities and devices.
As to the question of whether these products really do anything new, I would suggest they are innovative in their deployment and use of existing technologies. Does that make them new? I don't know; each organization would need to test them to draw its own conclusions as to whether they provide increased levels of protection. The ultimate product would be self-defending software that automatically created a patch and deployed it whenever unexpected behavior was about to occur. Sadly, for the time being, such a product doesn't exist. In the meantime, be wary of any vendor's claim that a product is "self" anything; every enterprise information security product needs to be deployed, configured and managed correctly in order to work effectively.
Dig Deeper on Application Firewall Security
Related Q&A from Michael Cobb
C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to ...continue reading
Two-factor authentication systems require more than using codes sent through SMS and smart cards. Expert Michael Cobb explains how to properly and ...continue reading
A Linux vulnerability that affects 80% of Android devices allows for attacks on TCP communications and remote code execution. Expert Michael Cobb ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.