Application security gets serious
- By Brad Grimes
- Jun 22, 2006
'We're seeing a shift in security from monitoring network devices to monitoring application activity,' said Tracy Hulver, vice president of product management at netForensics Inc.
of Edison, N.J. Thus the company's latest security information management platform, nFX Open Security Platform 3.4
, which came out this month.
Charles Kolodgy, an analyst at Framingham, Mass.-based research firm IDC, sees the same trend: 'Compliance shifted security management from monitoring external network activity to managing internal user activity at the application and database level.'
Among other things, nFX OPS 3.4 includes a new application-monitoring agent, which collects information from specified databases and compiles it into dashboards. Security personnel can use the dashboards to spot anomalous user activity and correlate it with data in network security and application logs. The agent is an in-line monitor from RippleTech Inc. of Conshohocken, Pa., Hulver said.
In addition to application security, nFX OPS 3.4 comes with new historical correlation capabilities, Hulver said, which could help agencies ID previously unrecognized threats by reviewing past events. The platform also has new Risk Insight Dashboards for overall security reporting, as well as tighter integration with Hewlett-Packard Co.'s Service Desk software.