Powersellersunite Power Sellers Unite
Bringing Buyers and Sellers Together
 

Mozilla Developing More Attack-Aware Security Applications
Click here to go to the original topic

 
       Power Sellers Unite Forum Index -> Webmasters and Programmers technical help.
::  
Author Message
elgato



Joined: 24 Feb 2005
Posts: 17240
Location: Texas
Posted: Fri Feb 04, 2011 12:53 pm    Post subject: Mozilla Developing More Attack-Aware Security Applications  
Mozilla is taking a more proactive approach to secure its applications against attacks.

The company is calling this approach “attack aware.” The idea, explained Mozilla Web security specialist Michael Coates, is to make applications able to identify unusual actions by the user that are deliberate attacks on applications. The goal is to detect attempts to probe an application for weaknesses and block attempts to damage a system while distinguishing between attack behavior and user errors, such as typos.

“An attack-aware application uses a blacklist-style detection of a potential attack,” blogged Coates. “It is important to realize that this is not intended to be a substitute for secure design principles. Instead, it is an additional detection capability layered on top of a securely designed application. Think of a bank that has been built securely and then installs an alarm system to detect attempted attacks.”

The challenge to this approach boils down to anomaly detection, said Chris Wysopal, CTO of Veracode.

more.. link to news article
Back to top  
 
       Power Sellers Unite Forum Index -> Webmasters and Programmers technical help.
Page 1 of 1




Powered by phpBB © 2001, 2002 phpBB Group