Security Management Strategies for the CIOAccess "Product review: ForeScout Technologies's ActiveScout 2.5"
This article is part of the January 2003 issue of Negative exposure: Web scanners reveal unknown holes
Skilled hackers perform target reconnaissance before an attack, identifying target machines, collecting service banner information, OS type, application versions and other valuable data. In theory, if you can detect recon activity and reply with bogus responses, you can then later block any traffic destined for a bogus target. That's the idea behind ActiveScout, the first offering by startup security vendor ForeScout Technologies. ActiveScout basically inserts an ink dye into response traffic to mark suspicious traffic. It monitors traffic for suspicious requests, and replies to them with bogus information about what hosts and services are available. Should ActiveScout see that bogus data reappear in another connection attempt, it can block the attack and alert admins for further action. Simple Design ActiveScout has two primary components: The Scout sensor and the GUI-based management console. An optional management server allows enterprises to aggregate and control multiple Scouts. ForeScout also offers an add-on "Enterprise Heads-Up" module, which ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Web application security scanners: How effective are they?
by Kelly White & Yong-Gon Chon
How good are Web application scanners at rooting out vulnerabilities? We test two of the leading tools head-to-head to find out.
-
Software code review: Code testing to identify vulnerabilities
New tools ease the burden of building secure code.
-
The declining need of accelerator cards
Cheap, more efficient general-purpose chips are reducing the need for accelerator cards.
-
IT security supports increased federal cybersecurity law, survey finds
by Andrew Briney
IT security supports increased federal cybersecurity law, according to an Information Security survey.
-
Security liability: Who's to blame for a data security breach?
Who's responsible for security breaches? Short answer: everyone.
-
Web application security scanners: How effective are they?
by Kelly White & Yong-Gon Chon
-
-
Web-based application infrastructure: Extended connectivity means more risk
Do you know how Web-based application infrastructures are built and used? Learn how in this story.
-
Understanding encryption and cryptography basics
Cryptography doesn't have to be so cryptic. Here's a primer, in plain English, to walk you through the basics.
-
Product review: ForeScout Technologies's ActiveScout 2.5
ForeScout Technologies's ActiveScout 2.5 stops malicious traffic outside the network perimeter, but only under certain conditions.
-
More cybersecurity laws needed for operational IT security
by Andrew Briney
The U.S. has already adopted several cybersecurity laws, but few affect operational IT security.
-
Information security laws: Are they worth it for your organization?
by Andrew Briney
Who wants the government's help? Who wants to be left alone? Are information security laws worth it for your organization?
-
Web-based application infrastructure: Extended connectivity means more risk
-
Columns
-
Defining IT security resolutions
by Andrew Briney
Editor-in-chief Andrew Briney offers five IT security resolutions for the New Year that he hopes the industry takes to heart.
-
Examining infosec hackers of the past and how they affect cybersecurity laws
Learn about hackers who have been caught in the past and how it effects IT.
-
How to harden Windows to improve security
How to harden a Windows box to improve security without impairing functionality.
-
Using routers to improve network firewall security
As businesses expose systems to the Internet, it's important to revisit how routers can act as the "suspenders" to the firewall "belt."
-
Taking action: Understanding the importance of information security
by Jay Heiser, Contributor
The British have a marvelous word, "whinging"--the practice of complaining without doing anything about it. Security practitioners love to "whinge."
-
Understanding the balance between privacy and security
Cooperation, compromise is needed to resolve the growing tension between security and privacy.
-
Defining IT security resolutions
by Andrew Briney
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...