The recession has not been able to stop the thrust of innovation in the IT security industry. Despite global economic turmoil, the security industry has brought out some significant innovations. This section is a small effort from our side to recognize that relentless effort.
The year 2009 saw a major impact from the recession across the entire IT security market. But surprisingly, and most fortunately, security innovation and research have not been affected as the industry expected. We are fortunate enough to witness some significant innovations in security technology and solutions from across the world. Vendors have shown relentless effort to provide the security industry and market with the best weapons to defend themselves. In this ‘Top 10 Security Innovations’ section of this anniversary issue, we discuss 10 security innovations from security vendors that topped our list of choices. We discuss these 10 innovations in random order; we have not ranked them. The aim is simply to keep you updated on the top 10 innovations we have chosen. We hope our choices match yours. If you need any further information on any of the innovations mentioned below, you are most welcome to send an email to our editorial team.
Rebootless Updates: From Ksplice
Ksplice is a software technology for Linux (and maybe soon other platforms) designed to allow a system to be patched from the kernel level on up without having to be restarted.
Today, every mainstream operating system requires regular reboots in order to be up to date and secure. Since reboots cause downtime and disruption, people are forced into the uncomfortable dilemma of choosing between security and convenience. Any delay in patching software problems—even a delay of just a few days to arrange for downtime—can have serious consequences. Within just six days after the announcement of the Linux sys_prctl vulnerability, many servers had been compromised, including an important server for the Debian distribution.
Ksplice enables running systems to stay secure without the disruption of rebooting. Specifically, Ksplice creates rebootless updates that are based on traditional source code patches. These updates are as effective as traditional updates, but they can be applied seamlessly, with no downtime. Ksplice currently supports updating the Linux kernel, but the Ksplice technology applies to any operating system or to user space applications.
Innovative Endpoint Security -- IBM
IBM announced a first-of-a-kind endpoint security offering, IBM Proventia Endpoint Secure Control (ESC), which is designed to enable enterprises to escape from the constraints of vendor lock-in and to enhance endpoint security, compliance and operations at a lower cost. In brief, this solution makes endpoint management much easier.
The IBM ISS solution delivers endpoint security management designed to address two major problems in the industry today: the escalating cost of security and the growing complexity of endpoint security management. Companies today face a dilemma: they have to choose between managing dozens of point security products separately to meet their needs or locking into one vendor who doesn't. The single-vendor suites in the marketplace today are often the result of multiple security acquisitions that haven't been adequately integrated, so customers still need to manage separate point products. Further, a strategy that locks clients in to one provider allows vendors to remain complacent instead of innovating to provide the strongest security on the market. Both scenarios can mean rising operational and licensing costs for customers, and fall short when it comes to providing best-of-breed security. The IBM Proventia Endpoint Secure Control offering balances customer needs with a single security management interface and a flexible choice of some of the best security solutions in the marketplace to address those needs.
The killer application in endpoint security is management. Historically, enterprises have had to make tradeoffs between consolidated security management and best-of-breed technology for endpoint security. With IBM Proventia Endpoint Secure Control, enterprises can benefit from best-of-breed security technology and consolidated management of the security products at the endpoint for the first time.
Voice Authentication -- From Voicetrust
The Voicetrust technology is a biometric procedure that uses far more characteristic data points than a fingerprint scanner or a face recognition system. This makes the Voicetrust authentication system extremely precise.
The automated phone dialog system asks the user to provide his name. An integrated speech recognition system allows the Voicetrust server to select the relevant user data. In a second step, the Voicetrust server compares the user’s voice with the stored voice profile and thus identifies the user without any doubt. The system is able to learn and can eliminate background noises as well as distortions like a hoarse voice.
The international standard VoiceXML 2.0 has been implemented in it. The technology runs on platforms like Genesys VoiceGenie, IBM Websphere, and Envox. The solution works seamlessly with background systems like Microsoft Windows, Active Directory, SAP, LDAP, RACF/HOST, RSA, UNIX, Novell, Oracle, Lotus Notes, Utimaco SafeGuard Easy and Remedy.
Innovative Technology to Counter WDoS Attacks -- From AirTight
AirTight Networks announced its unique technology to counter wireless denial of service (DoS) attacks in mid-2009. 802.11 wireless networks (WiFi) are vulnerable to many types of layer-2 DoS attacks. These attacks disrupt the operation of WiFi and can be launched even from outside the premises of an enterprise. They are particularly easy to launch since DoS attack tools are freely available and do not require specialized hardware or software.
Wireless DoS attacks on WiFi are inevitable. Even the emerging 802.11w standard and proprietary technologies such as MFP address only a tiny subset of these DoS attacks, leaving WiFi networks exposed to the larger set. As organizations make more and more mission-critical applications available over WiFi, DoS attacks have become an increasing concern. AirTight provides a unique workflow to counter wireless DoS attacks in its SpectraGuard family of products, as follows:
- DoS Attack Detection: A good DoS management workflow starts with accurate detection of DoS attacks while avoiding false alarms during normal wireless activity.
- DoS Impact Reduction: DoS attacks can completely wipe out legitimate wireless communication. While avoiding the impact of a DoS attack altogether is not possible, it is desirable to take measures to reduce its impact on legitimate communication whenever appropriate.
- DoS Attacker Location Tracking: Physical remediation is necessary for DoS attacks. For this, the administrator needs to know the physical location of the DoS attacker's device so that it can be removed from the wireless network. DoS attacker location tracking needs to work differently from location tracking of APs and clients, because many DoS attacks are launched by spoofing authorized devices’ MAC addresses, and many others are launched using random MAC addresses.
Reputation-Based Technology – ‘Quorum’ from Symantec
Norton Internet Security 2010 and Norton AntiVirus 2010 leverage a new model of security, codenamed Quorum, to attain unmatched detection of new malware and advance far beyond traditional signature and behavior-based detection. Specifically, Quorum takes the greatest weapon cyber criminals have in their arsenal – their ability to generate unique pieces of malware at an alarming rate – and turns that very weapon against them.
Today, cyber criminals are furiously writing and then rewriting new and unique pieces of malware, hoping to stay under the radar of threat signatures for as long as possible. With Quorum, the very uniqueness of a file and its attributes is what helps us identify it as new malware. More than three years in the making, Quorum tracks files and applications and dozens of their attributes such as their age, download source, digital signature, and prevalence. These attributes are then combined using complex algorithms to determine a reputation. As a file is distributed across the Internet and these attributes change, Quorum updates the reputation of the file. This reputation is especially important when a file is new, likely to be a threat, and traditional defenses are not likely to detect it.
Check Point Software Blade Architecture
Check Point's Software Blade architecture offers a better way, enabling organizations to efficiently tailor targeted managed solutions that meet targeted business security needs. All solutions are centrally managed through a single console that reduces complexity and operational overhead. And as new threats emerge, Check Point's Software blade architecture quickly and flexibly expands services as needed without the addition of new hardware or management complexity.
The Check Point Software Blade architecture is the security architecture that delivers total, flexible and manageable security to companies of any size. A software blade is a logical security building block that is independent, modular and centrally managed. Software Blades can be quickly enabled and configured into a solution based on specific business needs. And as needs evolve, additional blades can be quickly activated to extend security to an existing configuration within the same hardware foundation.
Key benefits of the Check Point Software Blade architecture include flexibility, manageability, total security, lower TCO and guaranteed performance.
Physical Unclonable Functions – From Verayo
Verayo, a security and authentication solutions provider, has announced its unclonable silicon chip, the Vera X512H RFID IC, designed to deliver low-cost authentication for the anti-counterfeiting, secure identification and access markets.
Verayo's unclonable RFID chips are based on a silicon biometric technology called Physical Unclonable Functions (PUF). PUF technology is one of the latest breakthroughs in semiconductor security. PUF is a silicon "biometrics" technology, a type of electronic DNA or fingerprint technology for semiconductor ICs. PUF extracts unique "secrets" from each and every IC. These secrets are used to authenticate ICs, and enable a broad range of security applications.
Unlike conventional security solutions, PUFs do not store secret keys for cryptographic operations. PUFs dynamically generate a virtually unlimited number of unique, volatile secrets for each IC. PUFs are inherently tamper proof. An invasive physical attack on a PUF will change the PUF characteristics, and hence prevent successful authentication and disable key generation applications. PUFs eliminate the need to securely provision, store and manage cryptographic keys. PUFs can dynamically and securely generate new keys for every authentication event, or for provisioning new services.
DesktopDirect -- From Array Networks
Array Networks announced that its DesktopDirect solution allows people to remotely access their desktop even when the computer is turned off. By deploying Array’s DesktopDirect, enterprises can benefit from substantial energy cost savings, reduced carbon footprint and improved security since remote desktop access users don’t need to leave their computers on unnecessarily after work or when out of the office.
Employees leaving computers on for remote access create significant security risks for the enterprise. Other leading remote access solutions leave organizations exposed to the RAM attacks that plague unattended desktops and to data leakage through permanent connections opened from the end user workstation. Critical information can also easily be obtained directly from active, but unattended, desktops after office hours.
DesktopDirect is an enterprise-class solution for secure access to office desktops anytime, anywhere. For IT managers, DesktopDirect provides an alternative way to provide remote desktop access while still maintaining network security. DesktopDirect is completely controlled by the organization, eliminating the need to trust security or risk exposure to outside entities.
Software Integrity Center – From Coverity
Coverity, the software integrity company, announced Coverity Integrity Center. This offer from Coverity is designed for companies that want to reduce product failures and recalls caused by software problems, to make software changes faster and with less risk, and to achieve breakthroughs in product innovation through highly efficient development.
The Coverity Integrity Center provides a full set of precision software analysis products in a single offer. This combination enables customers to identify and eliminate the root cause of problems during the design, code, build, and test phases of software development. Coverity’s new offering will benefit organizations that employ agile or waterfall methodologies, regardless of whether their development environment is centralized or highly distributed.
Today, software runs the business; therefore the integrity of software directly impacts the integrity and competitiveness of a business. Software complexity is only increasing, so the most successful development shops in the coming years will be those that identify and adopt new technologies that build quality, performance, and security into every stage of the application lifecycle. The Coverity Integrity Center provides precision software analysis for architects, developers, build engineers, and quality and delivery teams. It includes Architecture Analysis, Static Analysis, Build Analysis and Dynamic Analysis.
BitLocker To Go – Windows 7 (from Microsoft)
Windows 7 extends BitLocker drive encryption support to removable storage devices, such as flash memory drives and portable hard drives. This means that users can keep sensitive data on all of their USB storage devices. This functionality is called BitLocker To Go. The technology is aimed squarely at enterprises.
In enterprises there is an unprecedented risk of a user taking an unprotected storage device outside the workplace. In particular, USB memory keys are small, convenient and quite easy to use, but they are easily lost. With BitLocker To Go enabled on the device, sensitive data can be protected in the event of loss or theft.
With BitLocker To Go in Windows 7, enterprises can control USB storage devices in a better way. For instance, an enterprise might restrict USB storage device usage to those devices in a far more elegant fashion.
BitLocker is available in the Enterprise and Ultimate versions of Windows 7. This limitation applies to the ability to enable protection on a removable storage device. After BitLocker To Go is added to a storage device, the device can be used with any version of Windows 7, including the Starter edition. BitLocker To Go is based on BitLocker technology and it optimizes the technical capabilities of BitLocker. It is compatible with all FAT (FAT32, exFAT, etc.) file systems as well as with NTFS. This increases its compatibility with current devices.
—By: 'InfoSecurity' Bureau.