One of the most compelling (and arguably overlooked) bits of news from last month's RSA Conference was the arrival of IronBee, an open-source web application firewall (WAF) sensor unveiled by cloud security vendor Qualys. A WAF is designed to sit in front of a web server and analyze incoming data for malicous code and other security threats.
Read: More Security News and Articles
I sat down at RSA with Wolfgang Kandek, CTO of Qualys, for an overview of IronBee and all the other new products and updates Qualys announced at the show, including: an update to their QualysGuard Policy Compliance product (now at version 3.0); QualysGuard Web Application Scanning (WAS) 2.0; and a significant update to their Security-as-a-Service software platform that underpins the aforementioned products.
Kandek explained that the IronBee project will be based in the cloud and will provide a number of benefits for the WAF community, including "portability of security logic, development cost savings, wide availability, and open information exchange to improve overall security." Kandek also indicated that Akamai has signed on as a founding supporter of the IronBee project, and more support for IronBee from other companies, security organizations and security vendors would likely be seen in the coming months.
For more information on the IronBee open-source WAF sensor project, visit the IronBee website.
Using a WAF in your own IT environment? Share your thoughts by adding a comment to this blog post or continuing the discussion on Twitter.
Follow Jeff James on Twitter at @jeffjames3
Follow Windows IT Pro on Twitter at @windowsitpro