TechTarget

Hacker simulation service raises question of trust with users

In light of recent network security breaches, security company Vigilante has launched a service to test the network perimeter,...

In light of recent network security breaches, security company Vigilante has launched a service to test the network perimeter, but users are worried that the service itself could compromise security, writes Will Garside.

In light of recent network security breaches, security company Vigilante has launched a service to test the network perimeter, but users are worried that the service itself could compromise security, writes Will Garside.

The automated service, called Securescan, uses a number of the tools favoured by hackers to simulate an attempted security breach. Results are then matched against a database of known weaknesses to generate a report for the customer and a list of recommended remedial actions.

Vigilante sells the service through specialist security consultants who subsequently undertake contracts to fix any security deficits discovered.

However, some potential customers have expressed concern that a third party could gain detailed knowledge of potential security problems within their networks after a Securescan probe had been carried out.

Nigel Rix, Vigilante's UK manager, accepted that some people may be concerned, but expressed his faith in the integrity of Vigilante's partners. "Our partners often have long term, trusted relationships with their customers. We believe that this, combined with legally binding non-disclosure agreements, is enough to safeguard any confidentiality issues," he said.

Although recognising the value of the Securescan concept, Paul Brettle, security specialist at security products supplier F-Secure, expressed doubts about the overall effectiveness of automated testing.

"Securescan is a good idea but it is unable to ascertain what additional problems may be caused if these potential security flaws were to be exploited. Also, it doesn't provide real-time protection against hackers.

"Prevention is great but you still need a cure," Brettle said.

This was first published in September 2000

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close