Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Collaborative project initiated for improved IT security

Rapid7 : 01 October, 2013  (Company News)
The Community Open Data Initiative has been launched as a means of engaging security professionals in collaborating in the fight against cyber crime
Collaborative project initiated for improved IT security

HD Moore, chief research officer at Rapid7, has called for all security professionals to collaborate on security data research and analysis to create greater awareness and understanding of security issues and their implications. To facilitate this, Rapid7 Labs, led by Moore, has launched Project Sonar, offering free tools and terabytes of data from its own research efforts. HD launched the initiative during his keynote address at DerbyCon 3.0, in which he advocated internet-wide analysis as a practical tool for security practitioners to meaningfully improve their network security.

“Security issues are rife across the internet and the situation is getting worse, not better. The security community needs to start sharing data and working together so we can identify and tackle the huge issues confronting us,” said HD. “This isn’t just work for researchers – all security professionals can be their own researcher and ‘scan all the things!’ or contribute to shared analysis. We’re trying to make this easy for the average IT guy to help them understand the value of the data they have.”

To facilitate this collaborative approach, Rapid7 Labs has created and highlighted a number of free tools for scanning and analysis, including ZMap, Nmap, SSL certificate grabbers, DNS reverse lookup scanning and more. These are all available at the Project Sonar community page in SecurityStreet. The site provides a place for security professionals to share data and findings, discuss potential approaches, highlight analysis and implications and suggest remediation options.

Terabytes of data from past internet scanning research is also available for browsing and analysis, for example findings from the year-long Critical.IO scanning project conducted by Moore and Rapid7 Labs. Critical.IO highlighted a number of pervasive security issues, including vulnerabilities in UPnP, IPMI and serial port servers. The value of these kinds of scans in highlighting widespread insecurity across the internet is also apparent in a number of similar initiatives, such as the Internet Census 2012, SHODAN, and most recently the University of Michigan’s ZMap report.

While the value of these findings is undisputed, the investigation has traditionally been considered the territory of dedicated research teams, such as Rapid7 Labs and the ZMap team from the University of Michigan. Rapid7 believes that this approach will not be effective in making the internet more secure without increased collaboration with the wider security community.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo