Locking Out Cyber Criminals: Securing your Cloud based Web applications

Filed in by Angela Bartels | September 23, 2010 9:10 am

This is a guest post written and contributed by Jim Barnes, Business Development for XyberShield[1], a Rackspace Cloud Tools Partner[2].

Cyber crime profitability has exceeded illegal drugs in the rankings of organized crime. What has become the criminal’s main entry point? It’s the Web application. All businesses utilize some kind of Web application and this means the business threat is real and measures need to be taken to protect your assets. In fact, business sectors have developed compliance regulations, such as PCI-DSS, in order to regulate data security processes.

All businesses are facing the same regulations and compliance issues regarding data and information security. To add to the difficulty of meeting regulations is the search for the correct combination of security tools and processes. When combinations are narrowed down, businesses then consider the frequency of updates, patches and system monitoring. Not surprising, businesses find that hardware, software, system management and personnel costs can be the biggest hindrance to implementing the strongest security system. Sadly, the cost of a robust and redundant security system is out of reach for many SMBs.

Twenty five large enterprise XyberSecure customers requested a cost effective security system that used continually updated threat signature libraries, behavioral analysis and real time response. They also wanted it to work with their databases hosted in cloud environments. XyberSecure responded to their requests and created XyberShield[1], a real time Web application security system that learns and automatically distributes new defenses to all of our customers for new and known threats.

XyberShield customers didn’t want to deal with a process slowing proxy or give up hosting their customer’s data. XyberSecure created a web application observer that installs easily within your web application folder and sends small packets of data streams to the XyberShield defense system. XyberShield then monitors computer communications at the Web browser level. This means a user can open up one browser or many from the same IP address and XyberShield defends against each independent browser session.

XyberSecure concentrates on developing protections for the top OWASP defined attacks and the threat vectors within PCI-DSS section 6.6. We continue to strive to be one step ahead of cyber criminals by looking for new threats revealed by organizations and analyzing the web browser sessions of our customers. With the assistance of our behavioral analysis and correlation engine, XyberShield is able to quickly react to attempted attacks and define new defenses.

Although there is not a fix all tool for Web application security, businesses utilizing the Rackspace Cloud are able to deploy the same XyberShield that is protecting many large global enterprise companies at an affordable price.

Endnotes:
  1. XyberShield: https://www.xybershield.com/
  2. Rackspace Cloud Tools Partner: http://tools.rackspacecloud.com/applications/xybershield-real-time-web-application-security-saas/

Source URL: http://www.rackspace.com/blog/locking-out-cyber-criminals-securing-your-cloud-based-web-applications/