All the latest UK technology news, reviews and analysis

IT administrators told to get hacking

by Robert Jaques

21 Feb 2005

Be the first to comment

  • Tweet this

The best way for IT administrators to test their systems is by using hacking tools against them, according to a leading security specialist.

The plethora of exploit code available on the web to attack corporate servers should be used as a resource to test computer security. By running such code administrators can judge the efficacy of their defences and make appropriate adjustments.

Further reading

"There are several legitimate uses for exploit code," explained Ivan Arce, chief technology officer at Core Security Technologies.

"We need to understand the strengths and limitations of our tools. It helps to deploy timely and cost-effective mitigation measures."

Arce pointed out that code designed to exploit flaws in software programs is a valuable resource and should be used as such. Both legitimate and illegal organisations are now selling such code for use in testing.

This new value on exploit code is such that new vulnerabilities are being traded on the open market. Spammers and malware writers are buying it to further their ends, but legitimate security companies are also buying the information.

"There is an increasing perception of value for vulnerability code," said Arce. "The good guys value it and are not giving it up for free. The bad guys want it so they can carry on their attacks."

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

A Microsoft logo

Microsoft posts critical Internet Explorer patch with February fixes

Related white papers

Related articles

Related jobs

Today's top stories

Google logo

Google’s Motorola acquisition cleared by European and US competition authorities

Asus Transformer Prime vs Apple iPad 2

Apple iPad 2 vs Asus Transformer Prime head-to-head review

Apple logo

Apple commissions independent inspection of Foxconn iPhone and iPad factories

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Project Manager (BI)

Project Manager (BI) 6 Months Contract – to...

Desktop Support Manager

Desktop Support Manager 3 month contract - to start...

Programme Manager / 45k ++ Benefits / London

/ Programme Manager / 45k / Significant benefits / London...

Automation Test Manager Selenium London 75k

Automation Test Manager Selenium London 75k Automation...

To send to more than one email address, simply separate each address with a comma.