Enterprises

Detect and Block Threats on Unmanaged Devices Accessing your Enterprise Applications

The enterprise is increasingly becoming a target of sophisticated, stealthy new malware that uses the enterprise's own employees, partners and contractors as avenues of attack. These parties access enterprise applications using a variety of potentially infected endpoint devices not managed by the enterprise.

Mixed use of home-and-work laptops and home PCs by employees, partners and contractors can lead to malware infestations. 5 percent of PCs are estimated to be infected by botnets and other sophisticated malware.

What's more with an increasing number of enterprises now enabling access from tablets and mobile devices such as iPhones, iPads and Android, the threat of malware infiltration into enterprise networks is greater than ever.

Trusteer Secure Web Access blocks threats from unmanaged endpoint devices. It kicks in when employees, contractors, or partners try to connect to one of the enterprise's web applications. It immediately assesses the endpoint looking for presence of malware and vulnerabilities.

High-risk endpoint devices are banned from connecting to sensitive enterprise applications. Trusteer Secure Web Access then removes any high-risk malware from the endpoint and applies layers of protection around the browser to prevent any potential threat from getting access to sensitive corporate information or traffic. The service is available for Windows and Mac as well as tablets and mobile devices such as iPad, iPhone, and Android.

Enterprises rely on Trusteer Secure Web Access as it:

• Secures access to enterprise applications from desktops, laptops, tablets, and mobile devices
• Protects against Malware, Man-in-the-Middle and Phishing attacks
• Allows access to enterprise applications only when the endpoint is risk free
• Is deployable in days
• Includes automated investigation by fraud analysts 24x7
• Is transparent to employees, no change in user experience or behavior

Click here to download a document about Trusteer Secure Web Access.

Home Users

Trusteer works with hundreds of leading banks around the world to keep your online bank account safe from online fraudsters. It picks up where anti-virus and firewalls leave off, preventing new, sophisticated attacks that anti-virus and firewalls are not always updated to protect you from.

What's at Stake?

Criminals are after your money and identity. Inevitably, your online bank account has access to both. If criminals manage to access your online bank account, they can not only access your private information but also transfer money out of your account. Although banks take various measures to protect you against this threat, one of the biggest risks is actually the computer used to bank with. Here are two sophisticated attacks that criminals use to access your online bank account using your computer:

• Malicious software (or malware) - automatically and silently downloaded onto the computer when browsing the Internet, malware silently captures login information and transfers it to criminals while users log-in to their bank's website. It is also capable of silently changing the transactions executed as directed by criminals
• Phishing - criminals build fake websites that look very similar to the bank's website. They do this to lure users into visiting these fake websites and submitting their online banking log-in information. This data is later used to access their online bank account

Why Your Current Computer Security is Not Enough

Anti-virus, firewalls and other security software are important but unfortunately not enough. Various studies and recent incidents show that these tools are not always effective in preventing criminals from taking money from your account. As criminals become more sophisticated, your bank strongly recommends additional layers of protection on your computer to enable safe online banking.

Trusteer Rapport - Dedicated Online Banking Security

Trusteer Rapport takes a unique approach that adds real value on top of your current security software. When you connect to your bank online, Rapport does three main things in the background to make it extremely difficult for criminals to target you:

• Rapport verifies that you are really connected to the bank's genuine website as opposed to a fake website created by criminals. Although this sounds trivial, it's not obvious that you reach a genuine website when you type your bank's address into your web browser
• Once verification is complete, Rapport locks down communication between your computer and the bank's website. This prevents criminals from hijacking your online connection with the bank
• Rapport protects your computer and internet connection by creating a tunnel for safe communication with your bank, preventing criminals from using malware to steal your log-in data and tamper with transactions

Click here to download a document about Trusteer Rapport.

Financial institutions

Trusteer delivers secure browsing solutions that protect financial institutions and their customers from online fraud committed by financial malware and phishing attacks throughout the online banking process and beyond.

Trusteer's end to end solutions take a holistic approach to online fraud by preventing incidents at the point of attack while investigating their source to mitigate future attacks.

Click here to download a document about Trusteer Intelligence Services.

Protect the point of attack - Rapport, Trusteer's flagship solution enables financial institutions to protect the weakest link in the online banking chain - the customer browser - which even the strongest authentication, fraud detection and transaction verification systems cannot safeguard.

Rapport locks down the browser and creates a safe tunnel for communication between the customer and their financial institution, preventing fraud. A light-weight security software that downloads onto the customer's computer in minutes, Rapport works in the background and doesn't call for a change in user behavior.

The solution comes with a rich management application that enables financial institutions to effectively trigger alerts, view and analyze data as well as manage security. Trusteer Rapport is used by hundreds of financial institutions and tens of millions of customers.

Click here to download a document about Trusteer Rapport.

Investigate incidents and identify their source to mitigate fraud - Trusteer Flashlight enables financial institutions to perform ongoing risk analysis and investigate malware related fraud incidents easily and quickly. Using Flashlight, financial institutions can definitively determine malware variants committing fraud and use recommendations provided to block them.

Investigations can be easily and instantly initiated upon incident discovery. Results for known malware are received in minutes and can be viewed by financial institution in the Trusteer Management Application. Flashlight delivers the expertise of Trusteer's malware analysts in covering previously unknown malware and mitigate related attacks.

Recommendations for blocking the malware are sent at the end of every investigation. Flashlight provides the critical data needed to work with law enforcement and takedown agencies, address malware sources and stop them from committing fraud.

Click here to download a document about Trusteer Flashlight.

Trusteer

Trusteer offers solutions for financial institutions, home users, and businesses.

Financial institutions

Financial institutions use Trusteer services to secure their customers' browsers from financial malware attacks and fraudulent websites. Trusteer allows them to proactively protect against attacks that target customers directly. In addition, Trusteer send out immediate alerts, and reports whenever a new threat is launched against the financial institution or their customers. Using Trusteer, they can investigate new zero day threats, suspicious computers, and reconnected infected computers. For more information, click the Financial Institutions link on the left.

Home users

Home users use our services to protect their online banking, online shopping, and other sensitive communication, against malware and fraudulent websites. Home users can download the Trusteer browser plug-in from any of the banks and websites that work with Trusteer. For more information, click the Home Users link on the left.

Enterprises

Enterprises use our services to protect network resources and sensitive data accessed by employees, partners and contractors on potentially infected devices not managed by the enterprise. Trusteer prevents malware and phishing related attacks launched against the enterprise to steal confidential data and commit industrial fraud. In addition to securing data on the enterprise network, Trusteer also protects SaaS applications in the cloud including CRM, support, accounting, payrolls, online banking, and Webmail. For more information, please visit the Enterprises link on the left.

Nascom & ZION SECURITY: Building secure web applications

Hasselt / Leuven 17 September 2009 An online application developer and an expert in security solutions are joining forces to offer a full service to their customers. Security issues are typically tackled at the moment a ‘hack’ has been determined, and the company is confronted with an acute problem. In the best-case scenario, an application is tested on possible security risks after its delivery. Nascom and ZION SECURITY prefer to adopt a proactive way of handling this. They are introducing security right from the start of the project, and can therefore avoid many unnecessary costs and hassles.

Perfect partners

Applications must be secure, always. That is the starting point of this partnership. Nascom takes care of building the applications and puts the security related issues of delivering (web) applications in the professional hands of a third and independent party. Leuven-based ZION SECURITY proved to be a perfect partner.

ZION SECURITY stays closely involved with the project throughout the entire process to nip security issues in the bud, resulting in 100% secure applications at the time of delivery to the customer.

Investing in knowledge is essential to achieve the common goal that has been set. Nascom employees have been thoroughly trained by ZION SECURITY specialists, to guarantee the right know-how and expertise.

As the first developer of online applications in Belgium, Nascom is implementing a ‘Secure Development Life cycle’ (SDL), and integrating security related knowledge and effort in her standard SDL. This entails among other things that ZION SECURITY will execute a code review as well as testing as a standard for every application that requires it.

Avoid traps

ZION SECURITY will in turn recommend Nascom as a strategic partner for ‘secure web development’ with its customers. They have faith in the level of expertise at Nascom and know that their way of programming and the implementation of the SDL will lead to secure applications.

Thanks to this new approach, typical security related traps can be avoided, since they are tackled right from the start of the project. The customer can count on a secure application at the end of the production process.

Nascom

Jonas Coenen (jonas.coenen@nascom.be)
t: +32 89 20 15 00
f: +32 89 20 15 01

ZION SECURITY

Christophe Joos (Sales & Account Manager) (christophe.joos@zionsecurity.com)
m: +32 495/83 51 31
t: +32 16/29 79 22

Who is Nascom?

Nascom is a young and dynamic agency specialized in 4 interactive fields: Digital Campaigns, Digital Applications, Mobile and Services. Nascom employs over 70 enthusiastic creative and skilled individuals.

Want to know more? Visit www.nascom.be

Who is ZION SECURITY?

The Leuven-based ZION SECURITY was founded in 2005 by Ir. Erwin Geirnaert and Jessica Nieuwdorp. Its consultants are experts in IT and security and have years of experience in executing projects for large, medium and small enterprises. They are specialized in securing business and e-business applications, e-commerce shops and network infrastructure.

Want to know more? Visit www.zionsecurity.com.

Testronic Laboratories

Testronic Laboratories, established in 1998, offers professional and confidential independent quality assurance services to the Home Entertainment and New Media Industries.

A worldwide service is offered from Testronic Laboratories' facilities in the US, UK, Belgium and Poland. In total, Testronic Labs employs over 260 permanent and freelance personnel.

Testronic Laboratories specialises in multimedia quality assurance for all types of content (film, game, music, etc.) on all mediums (DVD, HD-DVD, Blu-ray, CD, online, wireless, etc.) for all devices (optical players, PC, mobile equipment, game consoles, etc.).

Testronic Laboratories offers a wide variety and flexibility of services including Device Compatibility, Functionality, Content Verification & Compliance, Localisation Testing, Controlled Copy Protection Technology and Load Testing.

The different services of Testronic are summarized in 6 divisions:

• Performance
• Functionality
• Usability
• Security
• Compatibility
• Localisation

ZION SECURITY is worldwide partner of Testronic Labs to execute security tests on your network and web applications.

For more information, please visit www.testroniclabs.com or contact one of our representatives.

iLibris

iLibris is a hosting provider that differentiates from its competitors through an open, personal approach towards the partners and customers. iLibris and ZION SECURITY share the same approach, namely to work in partnership with the customers. iLibris offers a wide range of solutions for web- & application- hosting.  

ZION SECURITY and iLibris started up a unique partnership to offer a secure hosting environment to partners and end customers. The infrastructure of iLibris itself is build with the necessary security controls in mind. However the risks and vulnerabilities lay in the web application(s) or web site.

The goal of this strategic partnership is to solve these vulnerabilities and leaks in a proactive way. ZION SECURITY will assist iLibris and its partners to control these vulnerabilities and risks. Our security experts developed the following solutions:

• Code review: By identifying potential security risks in the development phase, you can already prevent the most common problems. We do not only look into the code, but we can also investigate and assess the development process. Code reviews are executed manually or automatically, depending on the situation.


• Security testing: ZION SECURITY executes security tests on your network and web applications. Our security experts act like a real hacker: we identify vulnerabilities and leaks, investigate how hackers can exploit these vulnerabilities and indicate the risk when a hacker exploits the vulnerabilities.


• Web Application Firewall: A Web Application Firewall protects your web application(s) against attacks from hackers and malware. We developed a unique concept, ZION SECURED WAMAF: for a limited amount a month, your web application(s) are protected against attacks. ZION SECURED WAMAF is integrated in the iLibris infrastructure.


• University: Our security experts train developers to develop secure web applications. We also offer various courses for IT Managers, Network Administrators,... like how to configure and install Web Application Firewalls, how to execute security tests in a consequent manner, how to exploit vulnerabilities in web applications and different topics about network security like VLAN's, NAC, IPS/IDS,...

The final goal of iLibris and ZION SECURITY is to provide a secure hosting environment for customers. This is only possible by sharing services, processes and knowledge.  

Switch now to a secure hosting environment by contacting one of our representatives for an offer without obligation.

Strategic partners

ZION SECURITY has selected three organisations to start up unique partnerships. The goal is to create long term partnerships, like ZION SECURITY always does with its customers.

Each partnership has a specific purpose. At this moment ZION SECURITY has a partnership with Nascom, Testronic Labs and iLibris. Discover now what these partnerships and organisations can do for you.

Scansafe Web Filtering

As the amount of time spent browsing the Internet continues to rise, the problems associated with providing unmonitored and unregulated Internet access also increase.

Now dynamic and user generated content makes up a large percentage of content being accessed. Therefore traditional methods of filtering based purely on web site categorization can no longer be considered sufficient to maintain web usage policy and prevent inappropriate content from entering the network.

Scansafe Web Filtering empowers organisations of all sizes to implement an effective Web policy to help limit legal liability, enhance user productivity and improve network performance by preventing inappropriate, bandwidth intensive or non-business related content from entering the network.

Scansafe Web Filtering enables businesses to implement granular control for both inbound and outbound communications while realizing cost savings of up to 40% by eliminating the need to purchase, deploy and maintain hardware required for on-premise solutions.

With this solution you have complete control over how end users access content on the Internet by providing intuitive tools to create, enforce and monitor effective inbound and outbound web policy. For example it helps you to prevent leaks of confidential or personal data to the Web.

Scansafe Web Filtering integrates seamlessly with existing Active Directory infrastructure, allowing administrators to easily create different access policies to suit different areas of the organization. You also have a web-based interface for centralized management and reporting.

Please consult one of our representatives for more information or a quote.

Download the PDF about ScanSafe Web Filtering for more information.

Case Study

Oiltanking is one of the largest independent stocking partners for oil, chemicals and gasses. Oiltanking possesses and exploits 70 terminals in 21 countries with a total stocking capacity of more than 17,2 million cubic meters.

Read now why and how Oiltanking has deployed the ScanSafe solution together with our security experts:

Case Study ScanSafe Oiltanking.pdf

To protect your web users against the latest threats it is required to protect their passwords and workstations.

To protect web users against web malware, viruses and malicious or illegal web sites ZION SECURITY is Silver Partner of ScanSafe, the Software-as-a-Service solution that will control and protect your web traffic.

To improve the usage of passwords for web applications, ZION SECURITY can provide one-time-passwords from AuthAnvil that can be installed on your iPhone, Windows Mobile, Blackberry, iPad, Windows PC, .. and generate passwords to access your critical web application or content management system.

 Interested?

Please contact one of our experts for more information or an offer without obligation.

Security Management

To manage your existing security environment, ZION SECURITY has selected cutting-edge technology to stay in control:

Splunk for searching all your logs of your entire security infrastructure: routers, firewalls, web application firewalls, IDS,... Splunk will help you to identify issues in your environment and to investigate incidents instantly.

Tufin has two solutions for firewall policy management: SecureTrack to track policy changes in all your firewalls (Check Point, Juniper, Fortinet, Cisco, F5, ...) and this can be linked with their SecureChange solution for change management of security policies.

Interested?

Please contact one of our experts for more information, a free trial or an offer without obligation.

Vulnerability assessment are required for each organization, small to large, to know their exposure and existing vulnerabilities in their infrastructure and web applications.

ZION SECURITY selected the best-of-breed solutions, providing continuous vulnerability assessments as a service:

WhiteHat to assess vulnerabilities like SQL Injection, Cross-site-scripting, ... in your critical web applications on a daily basis.

Qualys to identify open vulnerabilities in your infrastructure using QualysGuard and will alert of new security risks.

Interested?

Please contact one of our experts for more information, a free trial or an offer without obligation.

Web Application Firewalls

ZION SECURITY is a strong believer of virtual patching web applications with web application firewalls (WAF's). Therefore we have selected different solutions with their own specific approach and specifications to protect critical web applications.

The following products can be installed, managed and monitored by our Security Operations team:

• ModSecurity: the open-source web application firewall, blocking known attacks with the OWASP ruleset against SQL Injection, PHP Injection, Cross-site-scripting,...
• Profense: the ideal solution to protect your virtual web environments, by installing a virtual cluster of Profense web application firewalls
• F5: F5 is well-known for its load-balancer BIGIP but there is a very interesting module Application Security Manager (ASM) running on BIGIP that offers in depth protection of web applications and web services. ASM implements a positive security model

Interested?

Please contact one of our experts for more information, a free trial or an offer without obligation.

Qualys

Qualys has been founded in 1999 and is headquarted in the USA with branch offices in China, France, Germany, Japan, the UAE and the UK. More than 5.000 organizations in 85 countries rely on the technology of Qualys for an aggregate of over 500 million IP audits per year.

ZION SECURITY selected Qualys for their innovative Software-as-a-Service technology, called the QualysGuard Security and Compliance Suite.  This technology provides an industry leading vulnerability management service with a robust IT compliance solution, comprehensive web application scanning and malware detection services.

Using the QualysGuard Suite, organizations are able to:

• Define policies to establish a secure IT infrastructure
• Automate security assessments and manage vulnerability risks on systems and applications effectively
• Mitigate risk and eliminate threats utilizing the most trusted vulnerability management application in the industry
• Monitor and measure IT compliance from one unified console (saving time and reducing costs)
• Distribute custom security and compliance reports

Furthermore, ZION SECURITY utilizes the Qualys Secure Seal solution which scans your website(s) for the presence of malware, network and web application vulnerabilities, as well as SSL certificate validation.  When the website is considered as safe, a secure seal is displayed on your website. 

The QualysGuard IT Security and Compliance Suite is available as an Enterprise Edition for large, distributed organizations and as an Express Edition for small to mid-sized businesses.

Official Partnership announcement

Qualys Press Release Partnership announcement

Interested?

Please contact one of our experts for more information, a demonstration or an offer without obligation.

Why securing web applications?

When a password is compromised, the results can be disastrous to a company. Adversaries can pose as trusted users and access or destroy privileged and confidential information. When web applications are used, the risks are further compounded by the fact access is easily available with a simple web browser anywhere.

From company line-of-business applications to the corporate SharePoint intranet, an account that is breached can cost a business highly in financial loss, proprietary information disclosure, lost productivity and the potential of a damaged reputation.

The AuthAnvil Web Logon Agent offers companies the ability to add strong two-factor authentication to web applications running on Microsoft's Internet Information Server (IIS). It provides a simple and consistent authentication experience in front of any web application or portal installed into IIS, including Outlook Web Access (OWA), Remote Web Workplace (RWW), MSCRM and SharePoint.

And it offers identity assurance by requiring users to provide their AuthAnvil passcode before they can access the underlying web application or portal.

Download the PDF below for more detailed information.

Securing Web Applications

Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

Windows DirectAccess

Windows Server 2008 R2 introduces an excellent remote access feature in DirectAccess, a new user experience which seamlessly connects Windows 7 based workstations to their corporate network any time they have Internet access. With DirectAccess, users are able to access corporate resources (such as e-mail servers, shared folders, or intranet Web sites) securely without connecting to a virtual private network (VPN).

With such easy access to the corporate network, strong authentication is a vital component to help definitively prove with confidence that when someone is using that workstation and gaining access to your company's resources in the office, they are who they say they are.

Download the PDF below for more detailed information.

Windows DirectAccess

Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

Why securing VPN?

The growth of remote access for teleworkers and employees in the field has driven the use of virtual private networking (VPN) for many businesses connected to the Internet. This creates a secure tunnel between the remote worker and the corporate network to protect data in transit over an unsecure network like the Internet. This is typically done using Secure Socket Layer (SSL) or IP Security (IPSec).

Unfortunately, VPN alone does not provide assurance that this remote workforce is who they say they are. A virtual private network that doesn't use strong authentication isn't that private at all. If a user's password can be captured and used, an adversary can easily gain access to corporate information assets without anyone even knowing, as long as they have access to the VPN client software.

This becomes even more of a concern when using SSL VPNs. While easier to deploy than typical VPN solutions, SSL VPNs become easier targets for hackers as there are no special configuration or client software to install... they just need to have a web browser present. The need for strong authentication becomes more evident as you consider just what sensitive and proprietary information assets are then exposed through the use of a simple web browser.

Download the PDF below for more detailed information.

VPN Remote Access

Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

Why Securing Windows Logon?

When a password is compromised, the results can be disastrous to a company. Adversaries can pose as trusted users and access or destroy privileged and confidential information. In a Windows network the risks are further compounded by the fact a single Active Directory password credential will open up access to resources all over the organization.

From company database resources to the corporate Sharepoint intranet, an account that is breached can cost a business highly in financial loss, lost productivity and the potential of a damaged reputation.

The AuthAnvil Windows Logon Agent offers companies the ability to add strong two-factor authentication to Microsoft's Windows client and server operating systems. It provides a simple and consistent logon experience no matter if they logon at the local desktop or through a terminal session. And it offers identity assurance by requiring users to provide their AuthAnvil passcode during the logon process. 

Download the PDF below for more detailed information.

Securing Windows Logon

Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

Why Strong Authentication for web agencies

WHID, the Web Hacking Incident Database, published a Top 10 list of application weaknesses that are actively being exploited. This analysis is based on security incidents in the first half of 2010.

The conclusion is that insufficient authentication (stolen passwords/credentials) is one of the most popular attacking methods in 2010. Web agencies need to have a clear and efficient password policy to prevent from being succesfully attacked.

ZION SECURITY developed, together with AuthAnvil, a custom strong authentication solution for web agencies. Download the whitepaper below to learn more. 

Strong authentication for web agencies.pdf

Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

 Malware Monitoring

Our Web Anti-Malware (WAM) Malware Monitoring periodically scans your website for malware infections. If we detect that your website has been infected, you will receive an immediate alert with diagnostic information to remove the infection.

Armed with the diagnostic information, the customer (or its web hosting provider) can remove the malicious code, in many cases before the site would get blacklisted.

As a result, the site can continue to operate as normal and avoid getting blacklisted, even after suffering a malware attack. We continue to monitor the site and send alerts if malware activity is detected in the future.

For example Javascript viruses will be immediately detected and escalated to the customer to prevent that visitors of the customer's web site are infected.

Your Key Benefits:

• Avoid getting blacklisted (and avoid revenue and brand losses) with regular scans of your site
• Instant alerts of malware activity on your site (most often before blacklisting occurs)
• Actionable information to resolve the malware problem quickly and avoid getting blacklisted
• Detailed weekly malware scanning reports

Sign up for the Web Anti-Malware Monitoring now by entering your domain name.

Download the PDF for more general information.

Download the PDF about how malware attacks occur.

Download the PDF about malware hurts web business.

 Blacklist Monitoring

If a site has been infected with malware, there is a good chance the site will get blacklisted by Google, Firefox, Internet Explorer, and/or the desktop anti-virus companies. If this happens, the website will suffer losses of traffic, revenue and brand.

Often, sites first discover that they have been blacklisted when a customer notifies them of the blacklisting. We provide an alert service to help websites react quickly if their site has been blacklisted.

The Web Anti-Malware (WAM) Blacklist Monitoring frequently checks your website against a variety of blacklists. If the website appears on a blacklist, you receive an instant alert. You can subsequently return to our experts and diagnose any problems with the blacklisted site.

Your Key Benefits:

• Minimize losses by reacting quickly if your website is blacklisted
• Checks your website regularly against a variety of important blacklists including Google, Firefox, Chrome, and others
• Get an instant alert if your site is blacklisted
• Weekly blacklist report

Sign up for the Web Anti-Malware Blacklist Monitoring FOR FREE by entering your domain name.

Download the PDF for more general information.

Download the PDF about how malware attacks occur.

Download the PDF about malware hurts web business.

Anywhere+

The number of employees who work outside the traditional office is rapidly increasing and perhaps surprisingly now constitutes the majority for many businesses.

Roaming employees now connect to the Internet from a variety of locations, from their homes and client offices to airport lounges and hotel hotspots. However, the benefits of employees working outside the office are tempered by some obvious problems, chief of which are lower levels of security and increased vulnerability to Web malware.

IT administrators have little or no control over roaming employees' access to inappropriate Web content. This situation is not helped by the fact that roaming employees are five times more likely to access inappropriate content on the road than in the office.

Even more worrying is that roaming employees only use VPNs 17% of their browsing time. How are they controlled and protected the other 83% of the time?

Anywhere+ is ScanSafe's SaaS Web Security for real-time protection and policy enforcement for your roaming employees. With Anywhere+ it is finally possible to protect your roaming employees wherever they are working.

Unlike traditional approaches which rely on software and appliances, Anywhere+ is delivered as a service for complete security, reduced complexity and simplified user management. Anywhere+ removes the performance issues and bandwidth congestion associated with backhauling Web traffic over the corporate VPN, so your security perimeter is now anywhere you want it to be.

All Web traffic flowing to ScanSafe's upstream datacenters is SSL encrypted leading to improved security over public networks. With Anywhere+, log information is securely in your hands, not on a file on the local PC. Reporting data is automatically and continuously aggregated across internal corporate users and roaming users.

Policy changes can be implemented immediately - no need to wait for client software to try to update itself on its own schedule. Policy changes are active within seconds, globally.

Anywhere+ is deployed through a lightweight driver (7MB) that requires minimal memory (less than 16MB RAM) to authenticate and direct your external client Web traffic to ScanSafe's scanning infrastructure.

Download the PDF about ScanSafe Anywhere+ for more information.

Please consult one of our representatives for more information or a quote.

Case Study

Oiltanking is one of the largest independent stocking partners for oil, chemicals and gasses. Oiltanking possesses and exploits 70 terminals in 21 countries with a total stocking capacity of more than 17,2 million cubic meters.

Read now why and how Oiltanking has deployed the ScanSafe solution together with our security experts:

Case Study ScanSafe Oiltanking.pdf

Web Malware Scanning

Web browsing has become the favorite target of malicious code writers seeking to compromise your network. The number of browser vulnerabilities continues to rise, fuelling zero-hour exploits which can infect systems before patches or signatures are available.

The threat is moving from the inbox to the browser with increasing focus on gaining financial advantage. This is most evident in the recent rise of spyware which comes in a wide variety of forms, from programs that steal confidential information to nuisance adware.

By the time most administrators realize they have a problem, the damage is already done, and they are left with the high cost of remediation, lost productivity, and unnecessary network traffic and system instabilities.

Increasing browser vulnerabilities, zero-hour threats, and the insertion of malicious code on legitimate sites have made real-time malware scanning essential (simply filtering by URL leaves a large security gap).

Scansafe's Web Malware Scanning service eliminates all types of harmful Web malware, including spyware, viruses and zero-hour threats before they can enter and infect your network.

This service delivers true layered defense through a combination of multiple best-in-class signature scan engines, multiple reputation and behavior analysis engines, automated machine-learning heuristics, and the industry's largest Web data set.

All Web requests are scanned in real-time, rather than solely relying on static URL lists, providing you with dynamic, real-time, and multi-layered protection.

Anti-malware scan engines will protect your network from threats that have been previously identified and documented. But what if your network is one of the first to be attacked?

Signature-based scanning alone will not provide the protection you need. Scansafe has developed Outbreak Intelligence, a proprietary security platform which analyzes URL reputation, traffic behaviour, code behaviour and code reputation in addition to signatures to detect unknown as well as known malware. Once it has detected unknown malware, Outbreak Intelligence automatically propagates the protection to the scanning layer, where the threat is neutralized before it can reach your network.

Download the PDF about ScanSafe Web Malware scanning for more information.

Please consult one of our representatives for more information or a quote.

Case Study

Oiltanking is one of the largest independent stocking partners for oil, chemicals and gasses. Oiltanking possesses and exploits 70 terminals in 21 countries with a total stocking capacity of more than 17,2 million cubic meters.

Read now why and how Oiltanking has deployed the ScanSafe solution together with our security experts:

Case Study ScanSafe Oiltanking.pdf

 ZION VERIFIED: Different modules

We developed, on customer demand, different modules:

ZION VERIFIED Light allows you to scan and retest your applications solely using the automatic software of WhiteHat.

ZION VERIFIED Business allows you to scan and retest your applications with WhiteHat in combination with manual tests performed by our security experts

ZION VERIFIED PCI: The difference with ZION VERIFIED Business is that we add an "introduction to web application security" training to satisfy PCI compliancy and we can generate a PCI report.

The course provides an overview of the fundamental principles of website security and meets PCI-DSS requirement 6.5b which covers developer training on secure coding techniques. All participants will receive a certificate confirming course completion.

The ZION VERIFIED PCI report delivers both an overview and an in-depth look into the PCI compliance of each website under management. For each vulnerability class, the report details how the vulnerability is exploited, gives protection advice and lists links to reference information. Open vulnerabilities of each class on the customer's website are also listed.

Contact one of our experts for more information or a quote without obligation.

ZION VERIFIED key benefits:

1. Managed Web Application Security

• No need to hire external consultants or penetration testers for a one-shot security audit
• No need to train internal people about web application security and the most recent attacks and countermeasures
• Custom-built web applications will be tested on a regular schedule 
• We provide clean, detailed information regarding each vulnerability identified (including remediation recommendations)
• ZION SECURITY will contact the right people in your organization to fix the vulnerabilities and we make sure that it is fixed!

2. Predictable costs & Unlimited assessments

• ZION VERIFIED is subscription based. So no matter how many times you run your application assessments, your costs remain the same.

3. Turn-key service

• No additional Staff or Infrastructure
• No software configuration or management

4. WAF Integration

• A fast and safe Web Application Firewall (WAF) integration closes the loop between vulnerability detection and mitigation. Our security experts can install and configure a WAF to block all discovered vulnerabilities. ZION VERIFIED integrates with the WAF of F5 or our ZION SECURED solution.

5. Scalable to fit any environment

• ZION VERIFIED can scale and assess the largest and most complex websites simultaneously

 WhiteHat

ZION VERIFIED is a unique service consisting of a combination of software (WhiteHat Sentinel) and manual testing. ZION SECURITY is the first enterprise in Europe that has the right to use this software.

WhiteHat Security is a leading American provider of website security services. It was founded in August 2001 by a team led by Jeremiah Grossman, a security industry veteran and former Yahoo! information security officer. Jeremiah founded the company to provide a comprehensive solution to the growing problem of website security.

WhiteHat Sentinel is the most accurate, complete and cost-effective website vulnerability management solution available on the market. WhiteHat Sentinel is built on a Software-as-a-Service (SaaS) platform designed from the ground up to scale massively, support the largest enterprises and offer the most compelling business efficiencies, lowering your overall cost of ownership.

This software has been especially developed to test and scan (custom) web applications, what makes it unique in the market.

As you might know, there are currently 24 broad classes of attacks. And, since every web application is unique, we're dealing with known classes of vulnerabilities in completely unknown code. The challenge is to figure out in each unique website, exactly where and how these vulnerabilities are implemented in the code. That's where WhiteHat Sentinel differentiates from other products.

Most of medium and large organizations in America, with critical web applications, are already using WhiteHat.

 What is ZION VERIFIED?

ZION VERIFIED closes the gap between detecting, fixing and retesting vulnerabilities in your web applications. 

ZION VERIFIED scans your web applications at regular intervals. We find your vulnerabilities, propose a solution to your development team and prove that they were resolved by verifying the solution.

Our service consists of a combination of software and manual tests. The software comes from WhiteHat, an American web application security company. This software has been especially developed to test and scan (custom) web applications, what makes it unique in the market.

Aside from using the software to test your applications, our security experts also perform manual tests on your critical applications.

FOR A FIXED AMOUNT EACH YEAR!

ZION VERIFIED handles your web applications vulnerability management for you. However, it also puts you in the driver's seat of multitude tasks that put you in charge.

 You can:

• Request to schedule a new scan for an application.
• Request a manual retest of a vulnerability that you already addressed.
• Send a general support question about software security to ZION SECURITY.
• Receive vulnerability reports in HTML format. As ZION VERIFIED identifies vulnerabilities, it classifies them according to the 24 Web Application Security Consortium (WASC) vulnerability classes and the OWASP Top 10.
• ... 

ZION VERIFIED scans for business logic flaws and vulnerabilities. It tests for example the OWASP Top 10 and the WASC 24 classes. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. ZION VERIFIED is always up to date with the newest vulnerabilities.

ZION SECURITY is the first European company that can offer this new and innovative service toward his customers!

Strong Authentication

ZION SECURITY cooperates with Scorpion Software to secure the access to (web) applications using strong authentication. AuthAnvil is the technology to generate strong passwords.

AuthAnvil's strong authentication solutions have been developed to provide identity assurance for untrusted remote connections and secure the primary access points to the corporate network. AuthAnvil's products provide two-factor authentication for Windows logon, network device logon, remote access and web access.

ZION SECURITY also developed a special solution package for web agencies.

Customers have the choice to work with hardware tokens, software tokens or a combination of both technologies. The software token technology turns your Windows Desktop, Windows Mobile, RIM Blackberry, Apple iPhone or Google Android into an AuthAnvil SoftToken authentication device.

ZION SECURITY is authorized reseller of AuthAnvil Strong Authentication and has the right expertise and skills to implement and support the solution in your network infrastructure.

Act now and protect your corporate value by securing the access to critical applications.

Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

 Web Anti-Malware

Planting malware is evaluating into a growing and concerning problem. Over the last two years there was a 600% increase in web based attacks. Hackers target legitimate web sites to plant malware. At this moment more than 1 million pages are infected per month. Several reports claim that planting malware on target web sites was already the number one security attack for online criminals last year (2008).  

Web malware infections can have a serious impact on business revenue. Google, Firefox, Internet Explorer and anti-virus companies blacklist infected websites. On top of that, your website suffers damage concerning brand and reputation by infecting visitors.

Our Web Anti-Malware (WAM) solution, part of ZION VERIFIED, consists of two services: Blacklist monitoring and Malware monitoring.

Web Application Firewall

A Web Application Firewall (WAF) is a layer 7 Firewall (often called proxy firewalls). Because it acts on the application layer, it may inspect the contents of the traffic, blocking specified content, such as certain websites, viruses and attempts to exploit known logical flaws in client software.

ZION SECURITY offers as well commercial Web Application Firewall solutions like F5 and Profense, as open source solutions like Modsecurity. Our security operations team can install and configure these types of WAF's in your infrastructure.  

However the disadvantage of a WAF is that the monitoring of the WAF needs a certain level of web security expertise. This is one of the main reasons why most organizations do not have yet a WAF installed. That's why ZION SECURITY has developed a unique solution, called ZION SECURED WAMAF.

ZION SECURED WAMAF is Security-as-a-Service and completely managed and monitored by our web security experts. ZION SECURED WAMAF protects your web site(s) and web server(s) against attacks and generates detailed reports of detected attacks. More information on www.zionsecured.com.

By using a combination of a WAF with our vulnerability assessment solution ZION VERIFIED, organizations can rest assured that their web applications are secure. The website will be protected to the maximum and your developers will learn how to write secure code in the long run.

Web Security

ZION SECURITY cooperates with Scansafe to protect your users against web based threats.

ScanSafe is the pioneer and largest global provider of SaaS (Software as a Service) Web Security, ensuring a safe and productive Internet environment for businesses.

ScanSafe solutions keep malware off corporate networks and allow businesses to control and secure the use of the Web. As a SaaS solution, ScanSafe eliminates the burden of purchasing and maintaining infrastructure in-house, significantly lowering the total cost of ownership.

Powered by its proactive, multilayered Outbreak Intelligence^TM threat detection technology, ScanSafe processes billions of Web requests and millions of blocks each month for customers in over 100 countries.

Discover now the different possibilites and solutions like Web Filtering, Web Malware scanning and Anywhere+ (which protects your remote workers).

Case Study

Oiltanking is one of the largest independent stocking partners for oil, chemicals and gasses. Oiltanking possesses and exploits 70 terminals in 21 countries with a total stocking capacity of more than 17,2 million cubic meters.

Read now why and how Oiltanking has deployed the ScanSafe solution together with our security experts:

Case Study ScanSafe Oiltanking.pdf

Implementation of Security solutions

ZION SECURITY is your partner to implement various security solutions in your ICT infrastructure. ZION SECURITY has selected the world leading software solutions in the field of web application security and network security.

ZION SECURITY partners with ScanSafe (Cisco) to protect and control your users while browsing the web. ScanSafe is known for its innovative solution Anywhere+ which enables organizations to protect their laptop users when connecting in a hotel, airport,... without using the VPN.

ZION SECURITY implements and monitors as well commercial Web Application Firewalls as open source solutions like Modsecurity. Our security operations team can install and configure these types of WAF's in your infrastructure or you can choose to work with our own developed Web Application Firewall as-a-Service.

Furthermore, we secure the access to your web applications using strong authentication and we protect your web pages against malware infections.

 Interested?

Please contact one of our experts for more information or an offer without obligation.

Telecom Security

More and more organizations are using the various functionalities of Voice-over-IP (VoIP). But no matter which technology (analog or VoIP) your organization uses, are you sure that your telecom infrastructure is protected against attacks from hackers?

During the past months, our security experts have been contacted by some organizations whose telecom infrastructure has been hacked. Hackers could make calls for free and the costs for these hacked organizations varied from 10.000 up to 100.000 euro's.  

To make sure your infrastructure is well protected, ZION SECURITY can execute a security test on your telecom infrastructure, to discover vulnerabilities and to help solve these vulnerabilities and leaks. This can be an external (Black box) or internal (White Box) security test.

One of the techniques we use, during the security test, is "wardialing". This is a technique that already exists for a long time. Wardialing is now popular because many organizations use VoIP, which poses the following questions:

1. Do you know what is connected on your telecom infrastructure?
2. Are all documented modems the only modems in your network?
3. Can you remote configure the telecom infrastructure?
4. ...

Answers on these questions are available after executing a "wardialing"- test. Our security experts scan all telephone numbers your organization uses and we investigate if it is a modem, fax,...

Prevent being hacked by protecting your telecom infrastructure now!

Want to know more?

For more information or a specific quote adapted to your situation, please feel free to contact one of our representatives.

  ZION VERIFIED

What are organizations doing at this moment to protect their critical web applications?

Organizations rely on a third party to execute penetration tests. This is a manual test performed by security experts. The penetration test detects all kind of leaks and vulnerabilities in the application or infrastructure. The third party delivers a list with vulnerabilities that have to be solved by the organization itself.

Unfortunately, at this point the penetration test stops and in most cases the list of vulnerabilities will not be followed up by the third party...

Over the last couple years we investigated that practically every (medium or large) organization has difficulties to solve the vulnerabilities and leaks the penetration test had detected.

However website security is more than just detecting vulnerabilities and leaks. It's about scanning, detecting, fixing and retesting the vulnerabilities in your website. It's a never ending security lifecycle that has to be monitored 24/24, 7/7.

Discover here how ZION VERIFIED helps organizations to manage their web security risks.

 Penetration test

Do you wish to know if your IT infrastructure and web applications are protected sufficient against threats like virusses and hackers?

ZION SECURITY scans your infrastructure and applications, for a fixed price, for leaks and vulnerabilities. In a first meeting between the customer and our security experts, we discuss what exactly has to be tested and how. Penetration tests can be executed in different ways, namely Black box testing and White box testing.

Black box testing assumes no prior knowledge of the infrastructure and applications that has to be tested. We act like a real hacker and try to break into your applications and systems. Our security experts must first determine the location and extent of the systems, before beginning the analysis. White box testing provides the testers with complete knowledge of the infrastructure that has to be tested. This can include network diagrams and IP addressing information.

The customer decides which methods can be used to execute the penetration test and where the focus lays (on an infrastructure level or web application level).

Upon completion of this scan the customer will receive a final report containing:

1. The network scheme as identified by ZION SECURITY
2. A list of vulnerabilities and leaks in your applications and systems
3. A plan of operation indicating the priority, possible cost and the time of implementation

This report will be discussed at length with the responsible person regarding these matters in the company.

The difference between a penetration test and Quick Scan is that a penetration test has a larger scope and is not limited in time. A penetration test is ideal for obtaining a clear picture of the general security level of your organization.

Files

ZION SECURITY Services - Design Review.pdf

 Interested?

Ask here for more information or an offer without obligation. However when a one-time audit of your web applications is not enough, please check out or new service ZION VERIFIED.

Quick Scan

ZION SECURITY developed a specific solution called Quick Scan on customer demand.

When choosing a penetration test, the customer has the possibility to test and scan the entire infrastructure and applications for leaks and vulnerabilities.

The difference between a penetration test and Quick Scan is that a Quick Scan is a lighter version of the penetration test. Here the scope and time are limited. The customer indicates in a first meeting which application or infrastructure has to be tested for vulnerabilities and leaks.

Upon completion of the Quick Scan the customer will receive a final report containing a list of vulnerabilities and leaks. The report also contains a plan of operation indicating the priority, possible cost and the time of implementation.

This report can be discussed with the person responsible for these matters in the company.

Our Quick Scan is ideal for organisations that want to have a global idea about the security level of their infrastructure and applications.

A Quick Scan can also be customized, for example an extensive scan of one specific application.

   Interested?

Ask here for more information or an offer without obligation.

Code review

ZION SECURITY is expert in executing code reviews, manually or automated. A code review is required when the objective is to find all vulnerabilities and backdoors in a (web) application. Often we complement code review with security testing to verify the exploitability of the identified vulnerability.

Code review also allows to give in depth countermeasures to secure the application and to train developers to prevent future holes.

During most code reviews we have identified security issues in the business logic of the application, which would not have been found using a penetration test approach.

Files

ZION SECURITY Services - Code Review.pdf

Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

Security testing

The main purpose of security testing is to identify the existence of security controls (authentication, authorization, input validation, ..).

For example the risks for authentication and authorization include access to the system by an unauthorized user, theft of usernames or passwords and password cracking/dictionary attacks, and ability to bypass authentication or authentication logging.

All attacks and tests are executed manually. ZION SECURITY only uses automated tools for specific functions like brute-forcing ports, passwords, identifiers,...

Our security experts follow a certain methodology. In a first meeting, the methodology will be discussed and can be adapted on customer demand.

Discover our one-shot security testing solutions like Code Review, Quick Scan, Penetration Testing and Telecom Security. We also developed a solution on customer demand to continuously test your applications (ZION VERIFIED) and network infrastructure (Security Audit). 

Files

ZION SECURITY Services - Security Testing.pdf

 Interested?

Please contact one of our experts for more information or an offer without obligation.

 Security Audit

ZION SECURITY is your independent partner to validate your ICT infrastructure. Our experts can execute a traditional one-time security audit to detect leaks, vulnerabilities and potential security issues in your ICT infrastructure.

However, ZION SECURITY developed a more efficient methodology to control and monitor your ICT infrastructure on a daily, weekly, monthly,... base to be sure that your ICT environment is well configured and protected. Our security experts alert the responsible person(s) within your organization, if we detect critical vulnerabilities or issues. 

ZION SECURITY controls and monitors all your ICT components like:

• Anti-virus, anti-malware, anti-spyware
• (Web Application) Firewall(s)
• Server(s)
• Website, web applications and e-commerce solutions
• Telecom infrastructure
• ...

 Want to know more?

For more information or a custom quote, please feel free to contact one of our representatives.

AuthAnvil

ZION SECURITY uses the AuthAnvil technology to secure the access to (web) applications using strong authentication.

AuthAnvil's strong authentication solutions have been developed to provide identity assurance for untrusted remote connections and secure the primary access points to the corporate network. AuthAnvil's products provide two-factor authentication for Windows logon, network device logon, remote access, web access and offers custom authentication.

ZION SECURITY is authorized reseller of AuthAnvil Strong Authentication and has the right expertise and skills to implement and support the solution in your network infrastructure.

Please contact one of our representatives for more information about strong authentication.

E-Learning Threat Modeling

Threat Modeling is a key practice for organizations wanting to design and develop secure applications as it helps to identify potential security vulnerabilities early in the process when they are inexpensive to fix. This course walks through the Threat Modeling process step by step so that students understand the value of Threat Modeling and can build threat models for their own systems.

Lesson 1: Threat Modeling: Principles and Practices
After completing this lesson, you should be able to:

• Understand what Threat Modeling is
• Identify when it is appropriate to use
• Explain why Threat Modeling is useful
• Understand how to use Threat Modeling in application development

Free demonstration?

Please contact us for more information, a free demonstration or prices by phone (016/29.79.22), by mail (sales@zionsecurity.com) or by filling in a contact form through our website.

E-Learning Secure Coding for .NET

Once developers understand the basics, they are in a position to start learning more specific design and coding techniques for .NET application security. This course steps through the Open Web Application Security Project (OWASP) Top 10 as well as other common application security issues to demonstrate how applications are compromised and the design and coding practices that can help to secure applications from the Inside out.

Lesson 1: Cross-Site Scripting
After completing this lesson, you should be able to:

• Define Cross-Site Scripting (XSS)
• Recognize methods attackers use to realize an XSS attack
• Identify how XSS attacks compromise users and data
• Identify methods of mitigating XSS in an application

Lesson 2: Injection Flaws
After completing this lesson, you should be able to:

• Identify various types of injection flaws
• Identify means of mitigating injection flaws

Lesson 3: Malicious File Execution
After completing this lesson, you should be able to:

• Detail various methods attackers can use to execute malicious code
• Explain design, policy, and coding steps to protect against malicious file execution

Lesson 4: Insecure Direct Object Reference
After completing this lesson, you should be able to:

• Observe where direct object references occur in applications
• Understand methods of mitigating direct object reference attacks

Lesson 5: Cross-Site Request Forgery
After completing this lesson, you should be able to:

• Explain Cross-Site Request Forgery (CSRF) and its relationship to Cross-Site Scripting
• Explain how applications can protect against CSRF

Lesson 6: Information Leakage & Improper Error Handling
After completing this lesson, you should be able to:

• Describe the information attackers are interested in obtaining
• Describe reliable means of controlling information potential attackers can extract
• Explain methods of mitigating XSS in an application

Lesson 7: Broken Authentication and Session Management
After completing this lesson, you should be able to:

• Identify how an attacker can bypass normal authentication measures
• Review measures to thwart such attacks

Lesson 8: Insecure Cryptographic Storage
After completing this lesson, you should be able to:

• Identify the risks to sensitive data while "at rest"
• Review means of classifying and properly encrypting sensitive data

Lesson 9: Insecure Communications
After completing this lesson, you should be able to:

• Identify the risks inherent in not securing communications between users and applications
• Failure to restrict URL access
• Identify the risks inherent in not restricting access to URLs in your web server

Lesson 10: Failure to Restrict URL Access
After completing this lesson, you should be able to:

• Identify the risks inherent in not restricting access to URLs in your web server

Free demonstration?

Please contact us for more information, a free demonstration or prices by phone (016/29.79.22), by mail (sales@zionsecurity.com) or by filling in a contact form through our website.

E-Learning Secure Coding for Java

Once developers understand the basics, they are in a position to start learning more specific design and coding techniques for Java application security. This course steps through the Open Web Application Security Project (OWASP) Top 10 as well as other common application security issues to demonstrate how applications are compromised and the design and coding practices that can help to secure applications from the Inside out.

Lesson 1: Cross-Site Scripting
After completing this lesson, you should be able to:

• Define Cross-Site Scripting (XSS)
• Recognize methods attackers use to realize an XSS attack
• Identify how XSS attacks compromise users and data
• Identify methods of mitigating XSS in an application

Lesson 2: Injection Flaws
After completing this lesson, you should be able to:

• Identify various types of injection flaws
• Identify means of mitigating injection flaws

Lesson 3: Malicious File Execution
After completing this lesson, you should be able to:

• Detail various methods attackers can use to execute malicious code
• Explain design, policy, and coding steps to protect against malicious file execution

Lesson 4: Insecure Direct Object Reference
After completing this lesson, you should be able to:

• Observe where direct object references occur in applications
• Understand methods of mitigating direct object reference attacks

Lesson 5: Cross-Site Request Forgery
After completing this lesson, you should be able to:

• Explain Cross-Site Request Forgery (CSRF) and its relationship to Cross-Site Scripting
• Explain how applications can protect against CSRF

Lesson 6: Information Leakage & Improper Error Handling
After completing this lesson, you should be able to:

• Describe the information attackers are interested in obtaining
• Describe reliable means of controlling information potential attackers can extract
• Explain methods of mitigating XSS in an application

Lesson 7: Broken Authentication and Session Management
After completing this lesson, you should be able to:

• Identify how an attacker can bypass normal authentication measures
• Review measures to thwart such attacks

Lesson 8: Insecure Cryptographic Storage
After completing this lesson, you should be able to:

• Identify the risks to sensitive data while "at rest"
• Review means of classifying and properly encrypting sensitive data

Lesson 9: Insecure Communications
After completing this lesson, you should be able to:

• Identify the risks inherent in not securing communications between users and applications
• Failure to restrict URL access
• Identify the risks inherent in not restricting access to URLs in your web server

Lesson 10: Failure to Restrict URL Access
After completing this lesson, you should be able to:

• Identify the risks inherent in not restricting access to URLs in your web server

Free demonstration?

Please contact us for more information, a free demonstration or prices by phone (016/29.79.22), by mail (sales@zionsecurity.com) or by filling in a contact form through our website.

E-Learning Introduction to Web Application Security

During one hour we provide students with the basic concepts and terminology for understanding application security issues. It provides a definition of application-level security and demonstrates how these concerns extend beyond those of traditional infrastructure security. We discuss common application security vulnerabilities such as SQL injection, Cross Site Scripting (XSS) and authorization issues.

Lesson 1: Intro & Concepts
After completing this lesson, you should be able to:

• Explain how intended application functionality differs from the intended functionality and how it is interesting to an attacker
• Realize the potential for application inputs to be used as avenues for attack

Lesson 2: Real Case Studies - Notable Breaches
After completing this lesson, you should be able to:

• Appreciate the impact of poor security in production environments
• Justify the mitigation effort to minimize exposed attack surfaces

Lesson 3: Application Attack Demonstration
After completing this lesson, you should be able to:

• Understand the approaches an attacker uses to find application-level vulnerabilities
• Understand the potential for malicious use of features in a vulnerable application

Lesson 4: What is Application Security and Why is it Important?
After completing this lesson, you should be able to:

• Provide a working definition of application security
• Provide explanations of the chief application security concerns: Confidentiality, Integrity and Availability
• Explain why application security is important for organizations to address
• Describe the roles that major regulatory requirements play in secure application development

Lesson 5: SQL Injection Activity
After completing this lesson, you should be able to:

• Understand the basics of an SQL Injection attack
• Understand the potential impact of exploited SQL injection vulnerabilities
• Understand the basics of protecting an application from injection attacks

Lesson 6: HTTP Basics
After completing this lesson, you should be able to:

• Explain the difference between GET and POST requests
• Explain the Lifecycle of HTTP Requests
• Explain the benefits and risks of session authentication over HTTP Basic authentication

Lesson 7: Cross-Site Scripting Activity
After completing this lesson, you should be able to:

• Describe the mechanics behind Cross-Site Scripting (XSS) vulnerabilities and attacks
• Understand how XSS can abuse a user's trust
• Understand the types of risks the exploitation of XSS vulnerabilities poses to web applications

Free demonstration?

Please contact us for more information, a free demonstration or prices by phone (016/29.79.22), by mail (sales@zionsecurity.com) or by filling in a contact form through our website.

E-Learning for developers

ZION SECURITY provides E-Learning training for developers. Organizations can integrate these courses in their E-Learning environment or use our online portal.

With security-focused training for your development team, you build security into your application development process. ZION UNIVERSITY E-Learning is a solution designed by our web application security experts in cooperation with some international experts.

The E-Learning solution is created to help developers understand and apply the principles of secure design and coding.

At this moment we have 4 different E-Learning courses:

• Introduction to Web Application Security
• Secure Coding for Java
• Secure Coding for .NET
• Threat Modeling

Press release E-Learning

E-Learning Press Release

Free demonstration?

Please contact us for more information, a free demonstration or prices by phone (016/29.79.22), by mail (sales@zionsecurity.com) or by filling in a contact form through our website.

Armorlogic

Armorlogic is focused exclusively on web application and website security and was founded in 2004 by leading Internet security specialists from some of the world's largest Internet security consulting companies.

Armorlogic's goal is to provide a cost effective way to proactively protect web sites, web applications, and their users from attack in a way that network firewalls and intrusion detection systems can not.

Easy to install, maintain and use, Profense is used by thousands of businesses, governments and organizations all over the world to protect Internet facing applications, servers and data. To maximize protection and minimize maintenance and adjustment, Armorlogic believes that the positive security model should be the governing principle of IT security solutions.

ZION SECURITY uses the technology of Profense for ZION SECURED WAMAF, a Web Application Firewall as-a-Service. However, we can also install, configure and monitor the technology of Profense in your datacenter.

Interested?

Please contact one of our experts for more information, a free trial or an offer without obligation.

ScanSafe

ScanSafe is the pioneer and largest global provider of SaaS Web Security, ensuring a safe and productive environment for businesses. ScanSafe solutions keep malware off corporate networks and allow businesses to control and secure the use of the Web.

ScanSafe processes billions of Web requests and millions of blocks each month for customers in over 100 countries.

ZION SECURITY makes use of ScanSafe to protect each individual user against external threats.

ScanSafe Web Filtering enables businesses to implement granular control for both inbound and outbound communications. For example integrated outbound policy helps prevent leaks of confidential or personal data to the Web. ScanSafe Web Filtering protects your network and staff from undesirable Web content, drives productivity, optimizes network resources by reducing bandwidth congestion and provides comprehensive reporting.

ScanSafe Web Security analyzes every Web request to determine if content is malicious, inappropriate or acceptable based on the defined security policy. This offers effective protection against threats including zero-day threats that would otherwise be succesful.

ScanSafe Anywhere+ protects remote workers to the same level, whether they are working from home, from a hotel or even from a coffee shop. Anywhere+ automatically redirects users to the closest datacenter, ensuring that performance is always optimized.

Case Study

Oiltanking is one of the largest independent stocking partners for oil, chemicals and gasses. Oiltanking possesses and exploits 70 terminals in 21 countries with a total stocking capacity of more than 17,2 million cubic meters.

Read now why and how Oiltanking has deployed the ScanSafe solution together with our security experts:

Case Study ScanSafe Oiltanking.pdf

 Interested?

Please contact one of our experts for more information, a free trial or an offer without obligation.

Tufin: How to get it?

For a live demo or a quote, please feel free to contact one of our representatives.

Our security experts can give a demonstration of Tufin at your office. This will take approximately one hour.

Some screenshots

Click on the pictures for a more detailed view.

Screenshot 1: Object comparison

Screenshot 2: Rule and Object usage analysis

Screenshot 3: Firewall rule change report

Screenshot 4: Firewall OS Monitoring

Screenshot 5: Business ownership change report

Tufin: your benefits

Your key benefits using Tufin SecureTrack are:

• Tufin monitors firewall policy changes, reports them in real-time and maintains a comprehensive, accurate audit trail for full accountability.


• Analysis and clean-up of complex rule bases and objects. Tufin for example locates unused rules so that they can be removed, thereby eliminating potential security holes and improve performance. It also enables administrators to organize the rule base according to priority to improve performance and to reduce the need for additional hardware.


• Powerful simulation and risk analysis to identify potential security risks, ensure compliance with organizational security standards, and prevent service interruptions.


• Comprehensive monitoring of critical firewall operating system components and server performance indicators to prevent service interruptions and enable effective auditing.


• Best practice audit: Tufin compares current security policy to the industry's best practices to identify potential errors or areas for improvement.


• Integration with change management, ticketing systems.


• Intuitive, graphical views of firewall policies, rule bases and configuration changes for Check Point, Cisco, Juniper, Fortinet, F5 and Bluecoat firewalls.

What is Tufin?

Tufin SecureTrack is the leading Firewall Operations Management Solution.

It's capable of gathering detailed information from a very large number of firewalls and its real time policy monitoring and analysis capabilities make it an ideal partner for change management teams.

Tufin SecureTrack is the most comprehensive solution available for managing and auditing firewalls. With support for all major firewall vendors (Checkpoint, Cisco, Juniper, BlueCoat, F5, Fortinet), SecureTrack provides a cohesive, unified view of all of firewalls - along with many other security devices - on the network.

SecureTrack is essential to ensuring that a corporate security policy is being implemented consistently in an environment with multiple rule bases, geographies, and teams.

With Tufin SecureTrack, you will increase productivity of the whole organization by better understanding how to manage and audit your firewalls.  

Splunk: How to get it?

For a live demo or a quote, please feel free to contact one of our representatives. Our security experts can setup a demo at your office. This will take no longer than 30 minutes.

You can also download a free, limited edition of Splunk. Just click here.

Splunk: References

More than 350.000 people worldwide already are using Splunk, including over 1.000 licensed customers. Some examples are Cisco, Dow Jones, LinkedIn, Motorola, MySpace, NASA, T-Mobile, Verisign, Verizon, Visa and Vodafone.

All customers testify that they are improving operations, investigating security incidents in record time and meeting compliance requirements at lower cost, using Splunk.

Splunk: Your benefit

Your whole IT team will be smarter as they share saved searches, tag events, hosts and configurations with useful information and build their own dashboards with interactive charts, graphs, tables and more.

By making it possible for humans to interact with terabytes of IT data, Splunk is fundamentally changing how organizations manage, secure and audit increasingly complex computing environments.

Splunk: Enables to secure your IT infrastructure

Splunk gives you the opportunity to investigate security incidents in record time by searching and analyzing all your security-relevant data from one place.

It helps security analysts to investigate incidents in minutes instead of hours or days by searching and analyzing all security relevant data from one place - catching attackers and malicious insiders who had previously gone undetected.

Splunk improves your security posture by quickly filtering out false positives and visualize security information for situational awareness.

The figure below indicates how Splunk enables you to secure your IT infrastructure.

1. Index all the data you need to monitor and investigate any type of threat - OS, IDS, firewall, network device, DNS, DHCP, remote access and AAA logs, proxy, web, custom application logs and more.


2. Security analysts and incident response teams will initially adopt Splunk to investigate IDS and SIEM alerts, investigate activity for flagged users and investigate access to sensitive data.


3. As they go, they'll enrich the raw data by tagging events they encounter as significant; normalizing heterogeneous data formats on-the-fly by extracting and naming fields, such as usernames, and identifying and naming events, such as successful logins.


4. Automatically monitor for known bad events, and use sophisticated correlation via search, to find known risk patterns such brute force attacks, data leakage and even application-level fraud.


5. Security managers will take advantage of Splunk's reporting to get a birds-eye view of security-relevant events such as firewall reporting, IDS rule violations and login activity. Use Splunk proactively to search for attack footprints in response to reports of new zero-day attacks, review trends in logins and other activity to uncover suspicious patterns and anomalies to find previously undetected attacks.

What makes Splunk so different from other solutions?

Splunk is unique because of 6 reasons:

• Splunk indexes any data, every word of every event from any IT source in real time, without using databases, expensive connectors, custom parsers or proprietary consoles. It allows you to search for any term or grouping of words whole or fractional, in a google manner.


• Splunk lets you interact with your search results immediately. Zoom in and out on a time line of your results to quickly reveal trends, spikes and anomalies. Using statistics, graphs and other practical tools you can find in no time the needle in the haystack.


• Splunk is immensely scalable. Architecturally, Splunk can maintain online data access for years if desired using nothing more than a file system (no DB).


• Splunk does not use a Database and as such is schema-less.  All data is stored in an open format (gzip) and can be signed to ensure no one has tampered with the files.


• Splunk operates across all business units as IT search is not owned by a particular business unit. Splunk is a unifying tool that provides a predictable and common view into all log data across your organization.


• Splunk is build on a platform from which the customer can freely and with ease add on their own customization. So the customer has the ability to modify, if needed.

What is Splunk?

Splunk is IT search. For that reason Splunk is often called "Google for IT".

With Splunk you can instantly figure out what is happening anywhere in your infrastructure by making use of all the data being logged within your data center.

Only Splunk enables you to search, analyze, monitor and report on data from any application, server or network device in real time to troubleshoot application outages, investigate security incidents, meet compliance requirements, and more, in minutes instead of hours or days.

Logs, configurations, messages, traps and alerts, scripts, code, metrics and more. If a machine can generate it - Splunk can eat it !!!

Now you can search across terabytes of data in seconds to find that needle in the haystack, analyze hidden trends and instantly create reports to summarize activities. Schedule searches to alert on specific conditions and automate the delivery of reports.

Introduction to Summer Bootcamp

We're back! ZION UNIVERSITY organizes for the second year in a row a summer bootcamp about web application security. During 3 days, attendees learn to think as a hacker. Our security experts teach about the newest hacker tools and hacker techniques to exploit vulnerabilities in web applications.  

The target of this bootcamp is to create awareness and to get a clear view on the way hackers think. This enables you to do a basic evaluation of your applications on your own and to write secure code. Armed with this information, you will have the knowledge to better protect web applications against external threats like hackers and malware.

Last year we were honoured to welcome some respected organizations like for example Colruyt and Portima.

Program

The Bootcamp will be organized the last week of July during the first three days of these weeks.

We start the week with an introduction to the actual problems concerning web application security. We discuss the OWASP initiative, statistics and many more. We continue the day with an open discussion on how to implement a secure development lifecycle within your organization. To conclude we discuss the most common vulnerabilities in web 1.0 and web 2.0. Full program
On Tuesday we organize several hands-on sessions with tools to test web applications. After the lunch break we proceed with WebGoat, a Java web application that contains lessons with specific vulnerabilities like SAX Injection, web services SQL Injection, Cross-site-scripting, .... Full program
On the third and final day we explain how a web application firewall can protect you against the most common vulnerabilities. We discuss how you have to install, configure and monitor such a specific firewall. Using WebGoat we trace vulnerabilities in a fictive website and we show in real-time how a web application firewall prevents leaks from being exploited.  Full program

Who should attend?

This summer bootcamp mainly focuses on three categories of profiles, namely developers, security officers and IT managers.

Registration

The number of registrations is limited because our experts desire to work with small groups to create interactivity. You are not obligated to register for the three days. In other words it is possible to only register for the days you are interested in.

Please contact one of our representatives for more information or prices by phone (016/29.79.22), by mail (sales@zionsecurity.com) or by filling in a contact form through our website.

Products

Mollom HTTPModule

Whitepapers

• Case Study ScanSafe Oiltanking.pdf
• Presentation by Erwin Geirnaert at Infosecurity 2010
• Web hacking database bi-annual report
• Whitepaper: Analysis of an unknown malicious JavaScript
• Whitepaper: 10 tips voor een veilige eID implementatie
• Whitepaper: Selecting a secure open source content management system
• Case Study: Using Splunk for web application forensics
• Whitepaper: An overview of the current situation in the web application security landscape
• ZEND & OWASP ESAPI for PHP

Memberships

	The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks.
	Voka is the Flemish network of enterprises. it represents more than 16.000 companies in Flanders as well as in Brussels, covering 65% of the private enterprises and 66% of added value in Flanders.
	Leuven.Inc wants to build a permanent bridge between the enterprising knowledge creators and the technology entrepreneurs, that complement such knowledge, and to create out of this supplementary relationship a healthy and dynamic, future-oriented, expanding prosperity in the region of Leuven.
	LSEC is an internationally renowned Information security cluster, a not for profit organization that has the objective to promote Information Security and the expertise in Flanders and Belgium. It is supported by the Flemish institute for sciences and development (IWT) and has a broad membership base of over 60I Information Security specialized companies, and more than 500 individual Information Security Professionals , frequently accessing over 4000 Information Security specialists in Belgium.

ZION SECURITY in the press

Erwin Geirnaert appears on a regular base with a column in IT professional:

• Crisis als dankbaar excuus" 25 februari 2009
• Staat u ook op de lijst van gehackte sites?" 2 februari 2009
• "2009: het begin van de securitycrisis?" 14 januari 2009
• "Hoeveel zijn uw kredietkaartgegevens waard?" 6 januari 2009
• "U belt toch ook 'gratis'?" 19 november 2008

Interview with Erwin Geirnaert in Trends: "Buying on the Internet: the booby traps"

Interview with Erwin Geirnaert and Jessica Nieuwdorp in Het Nieuwsblad, De Gentenaar and Het Volk. Online version available here (in Dutch).

ZION SECURITY in Smart Business Strategies

Interview with Erwin Geirnaert in Jobat

ZION in Ondernemers

ZION SECURITY in Business ICT

ZION SECURITY in Zelfstandig Ondernemen

ZION SECURITY in De Vlaamse Ondernemer

Interview with Erwin Geirnaert in De Tijd

We are experts in IT and security

Our consultants are experts in IT and security and have years of expercience executing projects for large, medium and small enterprises. Thanks to our broad experience in IT we offer pragmatic solutions.

Founders

ZION SECURITY was founded in 2005 by Erwin Geirnaert and Jessica Nieuwdorp.

Erwin Geirnaert is a Master of Science in Computer Science from the University of Ghent, Belgium. He is specialized in information security. He obtained different international certifications like Certified Information Systems Security Professional from ISC² and Certified Information Systems Auditor from ISACA. He is a respected authority in the field of application security and has years of experience in securing e-business architectures. 

Colleagues

Johan Braeken graduated as professional bachelor in Applied Computer Science at the Provincial College in Hasselt. After a career at multiple Belgian consultancy companies such as Ubizen, Johan chose to join the ZION SECURITY -team. Johan has more than 10 years experience in information security and is a renowned Linux expert. He has various certificates and is specialized in networksecurity and firewalls. Johan has experience in penetration testing and audit, such as verifying whether systems are configured correctly according to the standards. Johan gives security training together with Erwin within ZION UNIVERSITY.

Maarten Aerts graduated in 2008 as a Professional Bachelor in Applied Computer Science. He worked at Ordina as a Junior Sharepoint Consultant. Maarten was hired by ZION SECURITY as a Software Security Expert.

Tufin

Most organizations have difficulties to manage and audit their increasingly complex firewall environments. Administrators today need a comprehensive management solution for monitoring all changes performed throughout their firewall policies.

Companies have come to understand the business impact of network security and to demand a high level of transparency and accountability. To meet these requirements, organizations need the ability to perform periodical audits to ensure compliance with three different levels of security directives: regulatory requirements, corporate policy and industry best practices.

Does your organisation has the capability to audit, manage and monitor your complex firewall environment?

Looking for a tool that can help you doing this? Discover now Tufin SecureTrack!

F5

F5 solutions provide an advanced web application firewall along with comprehensive web application security. This combination significantly reduces the risk of damage to intellectual property, data, and web applications. With F5, you get a complete solution that eliminates the need for multiple appliances, lowers maintenance and management costs, and increases the confidentiality, availability, and integrity of your applications and processes.

For more information please visit www.f5.com or contact one of our representatives.

ZION SECURITY offers managed application security services (MASS) with the F5 Big-IP Application Security Manager (ASM), a secure and accurate web application firewall.

Download a whitepaper from F5 about web application firewalls

app-firewall-wp.pdf

Breach Security

Breach Security, a leader in the emerging market for Intelligent Web Application Security, addresses today's Web security needs with next-generation Web protection solutions.

Breach's products address both enterprise and governmental needs using a unique combination of detection and prevention technology to secure business-critical Web applications from targeted cyber attacks.

ZION SECURITY partnered with Breach Security for the open-source product ModSecurity. ModSecurity is the creation of Ivan Ristic, one of the experts in web application firewalls. Our security experts can install and configure ModSecurity in your datacenter.

We also use ModSecurity for the Basic version of ZION SECURED WAMAF, a unique concept to protect your web site against attacks from hackers and malware.

Interested?

Please contact one of our experts for more information, a free trial or an offer without obligation.

WhiteHat Security

WhiteHat Security was founded in August 2001 by a team led by Jeremiah Grossman, a security industry veteran and former Yahoo! information security officer. Jeremiah founded the company to provide a comprehensive solution to the growing problem of website security.

ZION SECURITY is partner of WhiteHat Sec for the innovative web application scanning software called WhiteHat Sentinel.

WhiteHat Sentinel is built on a Software-as-a-Service (SaaS) platform designed from the ground up to scale massively, support the largest enterprises and offer the most compelling business efficiencies, lowering your overall cost of ownership.

We integrated WhiteHat Sentinel in our revolutionary service ZION VERIFIED. With ZION VERIFIED, you pay a single annual fee and you assess your applications as often as you like.

Click here for more information about ZION VERIFIED.

For more information about WhiteHat Security, please visit www.whitehatsec.com.

Splunk

Can you imagine the chaos using the Internet without a search engine?

Well, your datacenter is just as chaotic. Do you know at this moment what's happening in your IT infrastructure? How do you find the valuable information you need burled in all the logs? How do you detect the IT data your infrastructure generates every day?

Splunk has an answer on these specific questions.

ZION UNIVERSITY

ZION SECURITY developed, together with experts in the security field, different courses for our customers.

ZION UNIVERSITY offers customized classroom courses to match the customer's technology and software development methodology. These courses can be delivered in-house or off-site. Most courses are a mix of theory and hands-on labs.

New at ZION UNIVERSITY is the E-Learning solution for developers. Discover more about the possibilities of this new concept.

Planned courses

Currently the following classroom courses are available (on request):

• Hacking Web Applications: how to discover and abuse security vulnerabilitities in web applications
• Security Testing: how to test a web application for known security vulnerabilities
• Penetration Testing: how to attack a network, infrastructure and application using open-source tools
• Network Security: what is required to protect your network against hackers
• Application Security for Java: how to build secure Java (web) applications
• Application Security for .NET: how to build secure .NET (web) applications
• Web Services Security: how to protect web services against hackers
• ModSecurity: how to configure and use ModSecurity, the open-source web application firewall.

ZION UNIVERSITY: Interested?

Want to know more? Ask here for more information.