About us | Advertising | SecurityWatch
Home   Articles   Blog   Reviews   Press Releases   Security Tools   Sponsored Solutions
Press Releases
Corsaire Form Alliance With The Nessus Project To Supply Free Vulnerability Detection Pluggins
Wednesday, 7 July 2004 17:09 EST

Woking, Surrey, UK --- 7 July 2004 ---Corsaire (http://www.corsaire.com), a global leader in information security solutions and vulnerability research, has today announced an alliance with the Nessus project (http://www.nessus.org) to facilitate the supply of free vulnerability detection pluggins.

The Nessus security scanner is the de facto standard for the detection of vulnerabilities within a network environment and already has a database of over 2100 pluggin signatures. It is provided under the terms of the GNU Open Source license and is freely available to anyone with the wherewithal to download it.

Under the terms of the alliance there will be a co-ordinated release of Nessus pluggins at the same time as any Corsaire security advisory. This will allow users of the open source Nessus security scanner software to be able to detect the presence of vulnerabilities within their network environment as soon as knowledge of the vulnerabilities enters the public domain.

"The window of opportunity between a vulnerability being announced and the subsequent worm, virus or attack tool appearing is decreasing all the time", remarks Martin O'Neal, Technical Director of Corsaire. "By freely supplying detection signatures in this way, Corsaire will be proactively helping to reduce risk by providing organisations with a practical approach to making the most of the limited time that is available."

Corsaire currently have a catalogue of around 45 unreleased vulnerabilities affecting over 140 different products, all of which will be ported to a working pluggin signature.

"Obviously, the process has to be conducted responsibly", says O'Neal. "Any signature that would be released under this alliance would be scripted in such a way as to provide only detection capabilities, and not to supply enough information from which a working exploit could be engineered."

Renaud Deraison, leader of the Nessus project, "Corsaire are well-regarded in the security industry and I was delighted when they approached me with the idea of forming this alliance. Our alliance is utterly unique; it signals a fresh approach from the industry - an information security supplier willing to provide vulnerability detection signatures consistently, freely and en masse under an open source arrangement."

About Corsaire
Corsaire are a leading information security consultancy, founded in 1997 in Guildford, Surrey, UK. Through our commitment to excellence we help organisations protect their information assets to ensure that corporate risk is reduced and tangible value is achieved from their investments. We have spent over eight years perfecting the unique combination of industry knowledge, commercial experience and technology skills - we come to our clients with a wealth of fresh knowledge and experience in leading industries around the globe. Corsaire bring innovation, integrity and analytical rigour to every job, which means fast and dramatic security performance improvements. Our services centre on the delivery of information security planning, assessment, implementation, management and vulnerability research. For more information visit www.corsaire.com

Featured Articles

Emerging Role of the Business Analyst
Software application development has only been around since the late 1970s. Compared to other industries and professions, the software industry is still very young. Ever since organizations began to use computers to support their business tasks, the people who create and maintain those “systems” have become more and more sophisticated and specialized.

Trojan Attacks Google AdSense
A new Trojan horse is designed to produce forge Google ads that are formatted to look like legitimate ones. The Trojan attempts to incorporate its ads in Google AdSense publishers program. Once installed, the Trojan horse downloads itself onto the computer and replaces the original ads with its own ads.

Identity Federation
According to Burton Group, identity federation can be defined as ‘the agreements, standards and technologies that make identity and entitlements portable’. There are three main federation models - simple (point-to-point), hub and spoke (uni or bi-lateral) and circle of trust (many-to-many).
Scan all company email for viruses, Trojans and worms with 4 virus engines, all in one package - GFI MailSecurity for Exchange/SMTP! Download your free 60-day trial today!

Check your website security with Acunetix Web Vulnerability Scanner. Audit your web applications for SQL injection, cross site scripting & more. Download trial!

Network Security Tools

SpyDefense
SpyDefense protects your computer against annoying, and harmful software such as Spyware, Adware, Trojan horses, etc. SpyDefense is anti-spyware software that prides itself on a very user friendly environment.


Proactive Security Auditor
Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and and Windows Server 2003-based systems administrators to identify and close security holes in their networks.


File Securer
File Securer is a powerful tool designed to protect your sensitive folder and personal file. With strong security, File Securer embeds the protect into windows system kernel, both on command mode and window mode, all work professionally.




What's up, IT? Blog

Phishing By The Numbers: 41,000 Blocked Sites in 2005
Top 7 PHP Security Blunders
The human factor and information security
Why I Love Vulnerability Analysis In 2005
IT security fear factor: Tape backups
Uncovering Cyber Flaws
State of the security mart
When the hardware gets smart
Security for SMBs
Four Security Resolutions For The New Year

Copyright © IT-Observer.com 2000 - 2006    Privacy Policy | RSS Feeds
Site Meter