Spend any time researching Internet security and software application defense layers and you'll quickly find that there are at least 10 major user-centric vendors out there, with brands well known to the public, from AVG to Norton to McAfee. The problem is that these layers are extremely user-focused and typically reside on the device, desktop or server itself.
All the vendors behind these products do admirable work in their R&D labs, but isn't a direct hacker-centric anti-attack layer something we should have all been working collectively to construct and refine for some time now?
Security vendor Imperva is trying to position its new hacker intelligence initiative as a research effort more relevant to application development, focused on providing insight into how cybercriminals conduct large-scale cyber attacks. As part of the company's Application Defense Center, the intelligence initiative will investigate the anatomy of attacks as well as key hacking trends by exploring the cybercrime industry, using techniques including hack-back, forum monitoring and Internet traffic surveillance.
"Cybercrime is a business like any other," said Amichai Shulman, Imperva’s CTO. "Hackers are becoming more automated and their techniques more sophisticated and industrialized. Modern cyber defenses need to keep pace with this growing industry and our intelligence initiative will help uncover the trends, techniques and tactics utilized by today’s cybercriminals."
Imperva may be 'just another security vendor' trying to package up its data store of infected or suspicious code blocks in a shiny new box. Or, perhaps it is on to something. The fact that the company appears to recognize automated and industrialized application attacks may mean that its perception of malware generation is refreshingly accurate.
You can register here for more information on the company's experience with a start-to-finish execution of a cross-site scripting (XSS) attack. By observing the hacker's own vulnerable code, Imperva was able to witness an XSS attack impacting 3000 individuals. The company found that XSS attacks require little expertise and less than an hour to carry out when using readily available tutorials and free hosting sites.
Of course, there are many conspiracy theories that will tell you that all the viral content and malicious code out there is being produced by the security vendors themselves to ensure that supply and demand stay nicely in balance. Perhaps there should be a global edict dictating that no security company should be allowed to trade unless it joins and contributes to the Hacker Intelligence Secret Service -- or have I been watching too much James Bond, do you think?