News

V. Rasneur (from the R&D team) won the development contest organized by Hex-Rays

Vincent Rasneur won the contest organized by Hex-Rays, the editor of the IDA reverse engineering software. It is a very high-level contest so big big congratulations to Vincent!
 

http://www.hex-rays.com/contest2009/
 

"We are happy to announce the results of our first Hex-Rays plugin contest! The submitted files are very interesting. We are sure that you too will find them useful and increasing your productivity.

While we had no difficulties determining the first winner, the second place was not that obvious, both candidates were very good. In the end we did choose, but decided that the third place deserves the prize as well. In fact, we feel that all submissions are good and deserve a prize, but the number of winning places is always limited. Probably we will be better prepared for the next time.

We would like to thank all participants for the submissions. Many of them show new ways of using and extending IDA. See below youself ;)

Without further ado, let us announce the winners. They are:

   1. Vincent Rasneur from DenyAll with the DWARF plugin
   2. Marian Radu from Microsoft with the Adobe Flash disassembler
   3. Jan Newger with the IDAStealth plugin

Congratulations to the winners!"

Deny All nahm am WAF-Roundtable der Messe “it-sa” teil

IT(ea)-Time Roundtable :

   Backdoor Browser? Von Hinten durch die Brust ins Auge - die Verwundbarkeit der Webapplikationen

Teilnehmer : Mr. Stefan Strobel of Cirosec, Mr. Dr. Bruce Sams of OPTIMAbit GmbH and Mr. Thomas Kohl of Deny All  --> video anschauen

   Web Application Firewall, der schnelle Weg zur High-Level-Security

Sprecher : ”. Mr. Ingmar Ludemann --> video anschauen

Deny All releases a patch against Slowloris, an attack against Web servers

The DARC (Deny All Research Center), division of Deny All which focuses on threat analysis and mitigation, performed a technical analysis of the tool and the concept of the attack.
Therefore all Deny All customers can now be protected from this attack and any variant based on the same technique.
This is the first release of a patch for an Apache-based products against this attack.

You can read the Press release.
 

rWeb 3.8 evaluated by SIC Laboratory

SIC (Seguridad en Informática y Comunicaciones) is, since 1992, the information security and IT systems security widest read magazine in Spain. Directed to CISOs, CIOs and other information security manager profiles, this Ediciones CODA publication serves as a cohesion tool for its professional readers in Spanish.
SIC Laboratory is the magazine section where security hardware/software products and tools are identified, examined, analyzed and evaluated.

In June, our leading product rWeb 3.8 has been evaluated and "the results of the test [for the White List] has led to very satisfactory values of around 98.2%. And the test results have been excellent with the Black List."
 

You can read the Spanish article.
 

Twitter users victims of a worm

the 16th of april the Twitter users have been victims of a worm.
 

Read our explanation (in French)
 

Launch of our PCI Web site

We are pleased to announce the launch of our PCI Web site where you can find informations about PCI standard, Best Practices and download a trial version of our product for being compliant.

DenyAll Iberia and Arista Ingeniería Tecnológica S.A. announce partnership

DenyAll Iberia and Arista Ingeniería Tecnológica S.A. announce partnership to offer Spain customers ultimate Web Application Security based on Deny All’s WAF’s technology and recognized Arista quality services.
 

Deny All extends lead in WAF Market with the launch of rWeb 3.8 Software and Appliance platform.

 Deny All extends lead in WAF Market with the launch of rWeb 3.8 Software and Appliance platform.

ALERT: Deny All stops Nihaorr1

ALERT: Deny All stops Nihaorr1, the latest attack that inserts scripts into Web databases and which jeopardizes the integration of the PCI DSS standard.