IronBee: Creating an open source web application firewall Qualys announced IronBee , a new open source project to provide the next-generation of web application firewall (WAF) technology. Led by the team who designed and built ModSecurity, the new project aims to produce a web application firewall sensor that is secure, high-performing, portable, and freely available – even for commercial use. A WAF is typically an appliance, server plug-in, or software-based filter that applies a set of rules to an HTTP conversation in order to monitor and control the movement of data, thus keeping it secure from possible attacks. By customizing the rules of a WAF, many attacks can be identified and blocked. The increasing use of web applications and the transition to cloud computing makes it necessary to deploy WAF technology to protect data and meet regulations such as payment card industry (PCI) compliance. With the launch of IronBee, Qualys is creating a sustainable c...
Posts
Top 5 IT Security Certifications For 2011 Top 5 IT Security Certifications for 2011 In today’s tough IT market having a security certification that recruiters want can mean the difference between getting that next job or not. “A certification today is like a college degree,” says Grad Summers, Americas leader for information security program management services at Ernst & Young. “You may not hire a candidate just because they have one, but it is something that you come to expect in this field.” Here are the top five security certifications for 2011 , compiled by scanning job boards and interviewing IT security recruiters and employers: Vendor Certifications A growing need for hands-on network engineers, along with social computing and Web 2.0 technology, has propelled network security even further. Vendor certifications including Cisco’s Certified Network Associate Certification ( CCNA ), Microsoft’s Certified Systems Engin...
PacketFence – Open Source Network Access Control (NAC) System PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks – from small to very large heterogeneous networks. What you can do with PacketFence : PacketFence Block iPods wireless access Forbid rogue access points Perform compliance checks Eliminate Peer-to-Peer traffic Provide guest access Simplify VLAN management Download: packetfence-2.1.0.tar.gz