This week in security was dominated by the VM world 2010 conference in San Francisco and some interesting partnership/acquisition activity which could help Dell and CA offer more secure products. Twitter, Facebook and Microsoft also released enhancements to their products designed to improve security.
First up it was Twitter who made moves to improve the security of its service, with support announced for a new authentication system for people using third-party applications to read or send tweets. The OAuth authentication method chosen by Twitter allows subscribers to use third-party applications without them storing passwords. The apps will still work if the user subsequently decides to change their password.
Ironically, the corresponding OAuth update required by TweetDeck users to make them ultimately more secure was used by scammers to try and spread malware.
Social networking giant Facebook also got in on the act, announcing a security feature that will allow users to remotely log out of active sessions on any device, reducing the chances of having their accounts hacked and used to send spam or malware.
CA announced plans to extend its cloud security capabilities with the acquisition of Arcot Systems, a provider of fraud prevention and authentication tools. The $200m (£129m) acquisition will help CA strengthen its Identity and Access Management (IAM) offerings, the firm said. Meanwhile, Dell announced plans to expand its partnership with security firm Trend Micro, in a deal which will bring the vendor's Worry-Free Business Security Services to its own customers.
Microsoft issued an updated version of its mitigation tool for hardening Windows applications against common security exploits used by malware. The Enhanced Mitigation Experience Toolkit (EMET) 2.0 is now available from the Microsoft download centre, and adds two new mitigations to the four already supported in the tool since EMET 1.02 was released in October 2009.
Finally, there was a big emphasis on security at VMworld this year, with VMware leading the way. It announced a trio of products aimed at redefining virtual security architecture from a perimeter to a defence-in-depth approach.
VMware vShield Edge, vShield App and vShield Endpoint cover anti-virus, load balancing and firewall security for cloud systems. By integrating these deep into the virtualised environment, security could become a selling point for cloud, according to the company.
Also at the show, Trend Micro posted an update for its Deep Security server protection platform, targeting server virtualisation and sporting a new module for VMware systems. And Check Point introduced a virtualised edition of its Security Gateway appliance
