Zero-day
exploits, where worms or viruses are used to
attack computersbefore their vulnerability is publicly
announced, could be dramatically reduced if a
tool created Immunity is adopted, said the company.
As a vulnerability tester, Immunity said its rationale is to
hunt down and publicise zero-day security flaws. At Defcon in Las
Vegas it released
its free debugger tool, which can help security professionals
slash the time needed to expose any system's vulnerability, which
can then be patched by suppliers or trusted security partners.
"It is the bugs themselves that are the problem, not the
discovery and disclosure of those bugs," said Immunity chief
executive, Dave Aitel.
However, not everyone thinks publicising security flaws is
responsible. "There is a school of though that publishing the flaws
in any IT system gives hackers a free tip-off," said Paul Docherty,
technical director of UK security supplier Portcullis Security, a
partner of Immunity.
"We think any information that is in the public domain is a good
thing. Zero-day hackers do not share their information anyway. The
quicker you expose the flaws, the quicker the suppliers can close
them down."
Also, he said, vulnerabilities are not published until 30 days
after the patch to conceal them has been circulated.
"We put everything together and developed something we feel very
comfortable using," said Aitel. "It took us nearly a year to
develop, but it means you can create a defence in no time."
All of Debugger's features, including its API, graphing engine
and graphical API, are accessible from the
Python scripting engine, Immunity announced.
Debugger includes a number of example scripts and users can
write their own scripts.
The software
as well as monthly updates will be provided free of charge.
Comment on this article:
computer.weekly@rbi.co.uk