Corisecio, a corporate information security firm, has recently released the Open Xml Gateway, which is built to protect IT infrastructure from specific types of outside attacks.
According the the Corisecio website, the software “provides e.g. protection methods against SQL injection and XXE attacks and enables realization of scheme validation like WS-security standards.” Most people out there know about SQL injections, simply because there have been so many attacks of various types around the business sector lately. However, not many people know what an XXE attack actually is, and I am here to enlighten. According to SecuriTeam.com
“(An) XXE (Xml eXternal Entity) attack is an attack on an application that parses XML input from untrusted sources using incorrectly configured XML parser. The application may be coerced to open arbitrary files and/or TCP connections.”
Anybody that works in network administration or security can see how this could be extremely problematic. This offering is supposed to help protect against such attacks, and considering the fact that it is free, it may be worth a try. Some to the the listed features are:
- Easy to use, install, and administer
- An XML Firewall
- A Web Service Security Suite
- can be implement in a variety of infrastructures, including a virtual platform
If you are looking for something to cover another possible security hole that you may not have thought of, then go and check this out at http://secrt.corisecio.com/.
