Menu
Qualys devises a virtual patch to protect against vulnerabilities

Qualys devises a virtual patch to protect against vulnerabilities

The security company's Web Application Firewall can protect Web applications from malicious users

If you can't wait for that critical patch to secure your system from some just-discovered bug, IT security firm Qualys may have an answer, through new security software that can secure the trouble spot until the patch arrives.

The feature, called virtual patching, comes with the newly released version 2 of the company's Web Application Firewall, a set of software for securing Web applications against malicious behavior.

Virtual patching can address one of the most thorny problems in enterprise IT security, that of protecting against a recently discovered software flaw. Sometimes attackers can start misusing a software bug as soon as it is discovered --- this is called a zero day flaw.

"Engineering teams can take a long time to fix a problem. Until then, security guys will have sleepless nights worrying about a vulnerability anybody can exploit," said Sumedh Thakar, Qualys chief product officer.

Commercial enterprises continue to be dogged by unrecognized vulnerabilities in their Web applications, which can be used by attackers to gain entry to internal networks or disrupt operations. More than a third of the one million most highly trafficked Web sites are vulnerable to compromise due to unpatched or misconfigured software, a March 2015 survey from IT security firm Menlo Security firm found.

Qualys' firewall can be installed as a virtual image on a server that also runs Web applications. The firewall serves as a proxy, examining all incoming traffic, looking for malicious code that could take advantage of software defects, application framework flaws, Web server bugs, and even improper configurations.

To identify malicious traffic the software pulls updates about the latest vulnerabilities from Qualys, and incorporates results from the security scan of the customer's network, Thakar said.

The firewall was designed to block network traffic that looks suspicious, such as a great deal of traffic from a single Internet address. The virtual patching capability is an additional control measure, one that allows the administrator to set up blocking rules around a specific application.

If a potential vulnerability is found, the administrator is notified through a Web-based console. There, an option is presented to apply a virtual patch to the trouble spot, meaning that traffic going to that part of the application will be inspected to ensure that the vulnerability is not being exploited.

For instance, if an input form for collecting birth dates has been found to accept non-numeric characters, a virtual patch can be applied to block any input to the form that has non-numeric characters. This would prevent an attacker from injecting database commands into the system by way of the form.

The Qualys Web Application Firewall is available for an annual subscription of US$1,995, for small businesses, and $9,995 for larger enterprises based on the number of web applications and virtual appliances.

The Web Application Firewall was one of a number of upgraded and new products Qualys announced at the RSA Conference, held this week in San Francisco. The security company updated its Continuous Monitoring software to watch against threats in the internal network, in addition to the network perimeter it was designed to oversee. The company also released its Cloud Agent Platform, a set of technologies for outfitting devices with software to watch for potential security threats.

Joab Jackson covers enterprise software and general technology breaking news for The IDG News Service. Follow Joab on Twitter at @Joab_Jackson. Joab's e-mail address is Joab_Jackson@idg.com

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags securitydata protectionmalwarequalys

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments