News

Immunity says debugger tool will cut zero-day attacks

Nick Booth

Zero-day exploits, where worms or viruses are used to attack computers before their vulnerability is publicly announced, could be dramatically reduced if a tool created Immunity is adopted, said the company.

As a vulnerability tester, Immunity said its rationale is to hunt down and publicise zero-day security flaws. At Defcon in Las Vegas it released its free debugger tool, which can help security professionals slash the time needed to expose any system's vulnerability, which can then be patched by suppliers or trusted security partners.

"It is the bugs themselves that are the problem, not the discovery and disclosure of those bugs," said Immunity chief executive, Dave Aitel.

However, not everyone thinks publicising security flaws is responsible. "There is a school of though that publishing the flaws in any IT system gives hackers a free tip-off," said Paul Docherty, technical director of UK security supplier Portcullis Security, a partner of Immunity.

"We think any information that is in the public domain is a good thing. Zero-day hackers do not share their information anyway. The quicker you expose the flaws, the quicker the suppliers can close them down."

Also, he said, vulnerabilities are not published until 30 days after the patch to conceal them has been circulated.

"We put everything together and developed something we feel very comfortable using," said Aitel. "It took us nearly a year to develop, but it means you can create a defence in no time."

All of Debugger's features, including its API, graphing engine and graphical API, are accessible from the Python scripting engine, Immunity announced.

Debugger includes a number of example scripts and users can write their own scripts. The software as well as monthly updates will be provided free of charge.

Comment on this article: computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy