Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Air Force Refocuses Network Defense. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Air Force Refocuses Network Defense
by possibly noteworthy at 11:03 pm EST, Jan 3, 2008

Did you read the original Unrestricted Warfare meme? (No one re-recommended it.) How about the one that Acidus recently posted? Or Rattle's notes from September?

Cyberspace is the latest realm that the U.S. Defense Department is seeking to dominate in its efforts to protect national security and to project force. But this goal has not gone unchallenged as hackers from a variety of nations and criminal and terrorist organizations have tried to penetrate government networks to steal information or cause damage.

The Defense Department has become adept at protecting its network perimeters with firewalls and intrusion detection systems. However, in recent years, hackers have found ways to access government networks through weaknesses in existing applications such as logistics or command and control systems. To counter these threats, the U.S. Air Force recently launched the Application Software Assurance Center of Excellence (ASACE) to assess and strengthen its defenses against internal attack.

See also, Service Improves Defense Against Application-Level Attacks:

The U.S. Air Force is building an Application Software Assurance Center of Excellence to detect threats to its applications and prevent scans from becoming full-blown attacks. The move is due in part to the increase in the number of scans the Global Information Grid receives each day, now up to more than 3 million. The center will be located at the Air Force’s 754th Electronic Systems Group, Maxwell Air Force Base. Among the security measures that will be used are source code analysis, penetration testing, application shielding and database monitoring. Telos Corporation is providing the software and services for the project.

This transition is raising concern in military circles that there will be break-in attempts, such as using SQL injection attacks, cross-site scripting or other assault methods to try to throw Web-based logistics systems into disarray.

Fortify Software won the biggest piece of the initiative and will provide the Air Force with more than $7 million in software. The Air Force will buy and use three Fortify software packages, each designed to look for a specific class of security vulnerabilities during the software development process when flaws are most likely to occur and are the easiest to fix.

As the prime contractor, Telos assembled a team including application security industry leaders that specialize in source code analysis, Web application penetration and security testing, application shielding, database monitoring, training, and implementation services. The team includes Cigital Inc., Fortify Software Inc., IBM/Watchfire Corporation, and Application Security Inc.

No sign of HP/SPI?


 
 
Powered By Industrial Memetics