Making Hack Attacks Easier To Spot And Stop

Symantec Corp. has unveiled its Security Management System, software designed to help analyze and correlate data coming in from a variety of security products. There are nearly 10 million events recorded each month by U.S. businesses. The software presents managers with a single security console and helps them quickly identify activities that represent real threats. It's built on Symantec's Enterprise Security Architecture, which the company says provides a standards-based interoperability framework that other vendors can build upon to further enable centralized security management. Entercept Security Technologies and TippingPoint Technologies Inc. are integrating their intrusion-prevention software with the Symantec architecture.

The escalating number of security vulnerabilities and new types of threats on the horizon are making comprehensive security-management infrastructures a necessity, according to Symantec. The vendor says it discovers 50 new vulnerabilities each week, and more vulnerabilities translate into more attacks--large companies average 32 attacks each week, up from 25 last year, according to Symantec. And the time between the discovery of a vulnerability and the exploitation of it is shrinking, thanks to better hacker tools.

It's only going to get worse, says Arthur Wong, VP of security response for Symantec. The technology exists to create new forms of attacks, including disguised attacks, which infiltrate organizations in pieces to avoid detection; designer attacks, which are aimed at a particular type of industry--even down to a particular geographic location; cross-platform exploitations, which can target apps and data running on alternate operating systems; and attacks based on unpublished vulnerabilities. Says Wong, "It's just a matter of time before we start seeing these."