Thursday, April 23, 2009
IBM puts a WAF in the cloud?
IBM just announced a new cloud initiative around their Preventia and Rational platforms. The Rational play seems to meet the on-demand and scalability requirements of a cloud service (as many scans as you need for as many applications as you have) which puts them into the competitive space that contains solutions form Qualys and Cenzic among others. The Preventia platform leaves me a little fuzzy though, my first read on it is that it's a software appliance that you could put into your particular environment to protect your web app - same as you could incorporate a checkpoint software appliance into your cloud. So yes it adds security to web apps in the cloud, but it doesn't follow the same pattern as the "route through" solutions out there, so I don't think this isn't a cloud security service. Still, a start to addressing the security concerns of QSAs and CISSPs everywhere. (Best subtitle ever "Probably has a shiny uniform, catchphrase and secret handshake"). UPDATE: The Hoff of Rational Survivability is checking it out at RSA, thanks!