The Network Security. Org

A Tool For Shielding Against Zero Day Attacks

July 10th, 2006


To a security administrator, the phrase "zero-day attack" raises an important question: Is the network in question prepared to counter any threat? Unfortunately, in many instances, the answer is no, simply because many security products and solutions are not equipped to deal with an unidentified attack.

Exploit Prevention Labs (XPL) aims to provide that final line of defense against zero-day attacks with SocketShield, a software security product that monitors all incoming and outgoing IP traffic.

SocketShield uses a new approach to combating exploits and overcomes the usual problems associated with other technologies. Firewalls, for example, tend to be blind to many security threats because exploits often use trusted browser connections. Also, many antivirus and antispyware programs on the market detect exploits after the damage has been done, usually because their signature databases are updated after a zero-day attack.

SocketShield overcomes these obstacles by integrating several different technologies to protect a network system. First, XPL’s product is tied into a network of automated probes that detect the latest exploits and help to build an exploit repository. Second, the product uses a "site-reputation filter," which compares sites visited with a scored list of rated sites. This feature prevents users from visiting phishing sites.

InformationWeek | Security Review | Review: A Tool For Shielding Against Zero-Day Attacks | July 7, 2006
