eEye Digital Security Releases Free Tool to Identify Top Security Configuration Weaknesses
Accompanying Whitepaper Outlines Configuration Best Practices as Identified by eEye's Research Team
(firmenpresse) - PHOENIX, AZ -- (Marketwire) -- 03/22/12 -- eEye Digital Security, the industry's leading innovator of threat management solutions, today , "In Configuration We (Still) Trust." Findings verify that proper configuration and mitigations remain the most effective way to secure IT infrastructure.
The research team at eEye found that the leading mitigations it recommended in 2011 -- disabling WebDAV and Microsoft Office document converters -- prevented even more vulnerabilities in 2011 than in 2010. In the case of turning off the Office document converters, the percentage increased from eight to 10 percent. Combined, the two tactics mitigate 20 percent of Microsoft vulnerabilities.
To put these relatively simple recommendations into action, IT administrators can download a new, developed by the eEye Research Team. It tests for highly recommended configuration updates and:
to compare how the user's company rates against recommended configurations
Tests how the and , identifying potential problem areas
and other areas of concern related to Advanced Persistent Threats (APT)
Shows , allowing users to determine what is valid and what is not
"eEye prides itself on helping our customers and the security community at large by providing security in context," said Marc Maiffret, eEye cofounder and CTO. "With this research and the related free tool, organizations large and small can now quickly test individual systems, gold disks and standard corporate images for some of the most impactful configuration settings from a vulnerability and exploitation perspective."
The research also shows that in addition to upgrading and disabling WebDAV and Office converters, users should limit administrative privileges, put proxy servers to work, encrypt traffic on VLANs and IPsec, and deny access to Windows subsystems. Additional recommendations, most of which are easy fixes, are noted in the research, including how to protect against threats such as Stuxnet, Night Dragon and Aurora.
Tweet this: The research team at (at)eEye releases free tool to test & mitigate biggest security holes via smarter config #infosec
About eEye Digital Security
Since 1998, eEye Digital Security has made vulnerability and compliance management simpler and more efficient by providing the only unified solution that integrates assessment, mitigation, protection, and reporting into a complete offering with optional add-on modules for configuration compliance, regulatory reporting, and integrated patch management. eEye's world-renowned research and development team is consistently the first to uncover critical vulnerabilities and build new protections into our solutions to prevent their exploit. Thousands of mid-to-large-size private sector and government organizations, including the largest vulnerability management installations in the world, rely on eEye to protect against the latest known and zero-day vulnerabilities.
Retina CS recently was awarded a five-start "Best Buy" rating in Vulnerability Assessment solutions from SC Magazine. The review can be seen at .
CONTACT:
Anne Price
PR Works, Inc.
602-840-6495
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Datum: 22.03.2012 - 13:00 Uhr
Sprache: Deutsch
News-ID 127486
Anzahl Zeichen: 0
contact information:
Town:
PHOENIX, AZ
Kategorie:
Internet
Diese Pressemitteilung wurde bisher 166 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"eEye Digital Security Releases Free Tool to Identify Top Security Configuration Weaknesses"
steht unter der journalistisch-redaktionellen Verantwortung von
eEye Digital Security (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
