Security Vendors Team Up for Safer Web Surfing Initiatives

Today at the Computer Security Institute's 31st Annual Security Conference and Exhibition, the leading vendors in the application security market announced they have joined forces to help define more consistent and reliable standards for customers.

Jeff Pancottine, Senior Vice President and GM, Security Business Unit for F5 Networks, Shlomo Kramer, CEO of Imperva, Gene Banman, CEO of NetContinuum and Bob Walters, CEO of Teros (www.teros.com) have invited Check Point Software Technologies, Cisco Systems, Juniper Networks, McAfee and Symantec to join them in submitting their products to an independent application security evaluation conducted by ICSA Labs (www.icsalabs.com), the global leader in information security product certification.

"With a wide array of security technologies to choose from and a lack of criteria for what constitutes adequate application protection, selecting appropriate solutions to protect the Web-enabled enterprise is daunting," said Mary Ann Davidson, chief security officer for Oracle Corp.

According to a joint statement issued by the companies: "Each of our companies offers architecturally different solutions, and we compete with each other in the marketplace. "

"Maintaining vendor neutrality will be a critical success factor for this effort moving forward," said Greg Young, research director with Gartner Inc.

Application security is slated to become a $2 billion market over the next five years according to a recent industry survey by research firm Yankee Group ("Spending on Application Security Accelerates Security BPO," September 2004).

However, the lack of established industry best practices, combined with inconsistent and confusing vendor claims, have made it difficult for IT decision makers to identify products that provide legitimate protection against Web application exploits.

Formal invitations for the Web Application Security Challenge have been extended to Check Point Software Technologies, Cisco Systems, Juniper Networks, McAfee and Symantec.