IBM has released new security products for combating web application attacks and to secure the integrity of data processed by web applications.
The company said that it has brought together its offerings designed to deliver web application security that includes security rich code development, vulnerability management, real-time blocking of attacks, dedicated security and performance for web services, and access management. The company said that the integration of its web application security offerings can allow enterprises to combat these types of attacks.
The latest component of the product, its Proventia SiteProtector 8.0, integrates a consolidated security management system with Rational AppScan – a product for web application vulnerability and secure code testing, and the company’s recently announced web application protection module for network and host intrusion prevention systems.
This combined product is said to offer features that include: consolidated reporting infrastructure; a common workflow system for managing security incidents; correlation of application vulnerabilities with security events and real-time attacks, enabling organisations to prioritise remediation to address threats.
The company has integrated the features of the WebSphere DataPower SOA Appliances with the centralised management of Tivoli Security Policy Manager. The company believes that this integration can help to enable enterprise architects and security operations to align business and IT by centrally managing and enforcing security policies for web services resources across multiple policy enforcement points.
IBM SiteProtector 8.0 is a product in the company’s information infrastructure portfolio for security, management and encryption.
According to the company the other offerings from the company include Proventia Server for Windows 2008 that allows organisations harness the security and compliance challenges in the heterogeneous datacentre; and IBM Tivoli Identity Manager 5.1 – featuring role management for enforcement of SOD, and Tivoli Security Information and Event Manager’s NERC module, security products that help improve security.
Dan Powers, vice president of business strategy at IBM Internet Security Systems, said: Web application security is one of the top pain points for enterprises today, and only IBM can offer a comprehensive solution designed to help turn the tide against SQL injection and other Web application attacks.
“Additionally, our integrated approach to security may help to reduce costs and simplify security management, which can ultimately reduce opportunities for human error and improve overall security posture.
