APWG Incident Response Plan For Hacked Websites

I discovered today an important resource for all webmasters or site owners who fall prey to a hacking attack initiated by phishing groups.

What to Do If Your Website Has Been Hacked by Phishers is an extensive guide written by APWG experts and contributing researchers from the FBI, Microsoft, Google, universities and banks.

The guide walks through the phishing attack response plan step by step, providing valuable tips and suggestions on how to handle a phishing hacking incident responsibly:

  • Identification
  • Reporting (Notification)
  • Containment
  • Recovery
  • Follow-up

On paper, the plan looks good, but I have my doubts that webmasters will keep their cool and not delete the phishing website once they find out about it.

Read the whole guide here (PDF)

Twitter Weekly Updates for 2009-03-01

  • @rockyd will you be hosting a HA big ArcSight setup in your datacenter or managing remote ArcSight instances? (in reply to rockyd)


New 2008 Product Review Guide from Information Security Magazine

Information Security Magazine has just released the 2008 Product Review Guide, which collects the year's reviews of 56 security products. SearchSecurity.com presents the report as a best-buy guide:

Specifically designed for information security managers tasked with evaluating and purchasing security hardware in 2009.

The topics covered represent almost a full sweep of current IT security technologies: Application Security, Authentication, Configuration Management, Data Loss Prevention, Data Protection, Endpoint Security, Firewall, Identity Management, Incident Response, Compliance, Log Management, Mobile Security, Security Information/Event Management (SIEM), Security Testing, Virtualization Security, VPN, Web Security Gateway, Wireless Security.

In addition to these individual reviews, there are two comparative reviews:

Web Application Firewalls, which covers:

  • Barracuda Networks’ Web Application Gateway (formerly NetContinuum)
  • Bee Ware’s iSentry
  • Breach Security’s WebDefend
  • Citrix’s Application Firewall
  • F5 Networks’ Big-IP 8800 Application Security Manager
  • Imperva’s SecureSphere Web Application Firewall

IT GRC Solutions, which covers:

  • Archer Technologies’ SmartSuite Framework
  • Symantec’s Control Compliance Suite 8.60
  • Modulo’s Risk Manager

I just wish ArcSight had been included in the SIEM section, or even better, that there were a comparative SIEM review among ArcSight, Novell and RSA. Now that would be useful!

You can download the free guide from the SearchSecurity.com website.


Gartner Magic Quadrant on Static Application Security Testing – Feb. 2009


Gartner has released the first application security-centric Magic Quadrant, and I was surprised not by where the players landed, but by the accuracy and completeness of its analysis of the $100 million SAST (Static Application Security Testing) market.

The SAST Magic Quadrant includes: Fortify, Ounce Labs, HP, IBM, Veracode, Coverity, Parasoft, Klocwork, Microsoft, Compuware.

A few words about the occupants of the first two positions:

  • Fortify has a broader vision and a greater ability to execute than anybody else, which makes it the undisputed leader. What Fortify lacks, according to Gartner, is an advanced capability to perform DAST (Dynamic Application Security Testing).

  • Ounce Labs’ position does not entirely reflect its performance in R&D. Instead, the company seems to be well known for its DAST and SAST capabilities. A historical weakness in marketing, as Gartner nicely puts it, combined with the 15% reduction of its workforce, casts a questionable shadow over Ounce Labs’ ability to grow its business any further.

This Magic Quadrant has been made public by Fortify, and you can download it here (PDF). Alternatively, here is a link to a cached copy on my server.

UPDATE: Ounce Labs released its own press release about this Gartner Magic Quadrant, taking advantage of its position as a leader. The headline, however, is a bit exaggerated:

Leading Analyst Firm Recognizes Ounce Labs for Completeness of Vision and Ability to Execute

C’mon guys..

UPDATE 2: Coverity’s press release is also feeding on the recent Gartner Magic Quadrant.
