(1888PressRelease)
February 27, 2007 - Fairmont, West Virginia –February 26, 2007 – Backbone Security's Steganography Analysis and Research Center (SARC) is pleased to announce the release of Steganography Analyzer Real-time Scanner (StegAlyzerRTS) V2.0, the only commercially available real-time steganography scanner in the world.
This version of StegAlyzerRTS is capable of detecting insiders downloading any of 625 digital steganography applications widely available as freeware or shareware on the Internet as well as a number of commercially licensed steganography applications. This insider threat detection and mitigation tool also detects the signatures, or hexadecimal byte patterns, of 30 of those applications. Additional application and signature detection capability will be added to future versions.
Detecting steganography application downloads is an early warning indicator that an insider is planning to use the application to hide something. The insider may be stealing sensitive, classified, or proprietary information or may be planning to use the application to conceal evidence of other criminal activity.
StegAlyzerRTS also detects attempts by insiders to use steganography applications that may have been installed on the network prior to deployment of StegAlyzerRTS. The exclusive signature scanning approach developed in the SARC allows StegAlyzerRTS to detect insider attempts to upload carrier files containing hidden information onto external websites, send files containing hidden information as an e-mail attachment, and even detects use of a technique known as spam mimicry to conceal information by converting it into a form that appears to be spam.
StegAlyzerRTS can be configured to allow suspect files to enter or leave a network or to block those files. In either case, an alert is generated to inform network security staff an insider has downloaded or used steganography.
According to Glenn Watt, President and CEO of Backbone Security, “organizations with significant amounts of intellectual property to protect, such as those in the electronics and pharmaceutical industries, must acknowledge the threat of insider use of digital steganography to steal intellectual property and other sensitive or proprietary information.
Deployment of a real-time steganalysis capability can be an effective countermeasure to that threat.”
