San Antonio, TX – April 30, 2012 – Digital Defense, Inc., an industry leader of managed, cloud-based security assessments and advanced vulnerability management solutions, discloses directory traversal vulnerabilities in two different products, the ACTi Web Configurator 3.0 and the PacketVideo TwonkyServer and TwonkyMedia software. The previously unknown flaws – zero-day vulnerabilities – can allow unauthenticated remote attackers to gain access to restricted files which may contain passwords or other private information, compromising an organization’s security. Digital Defense immediately notified both companies about the vulnerabilities, which have been addressed by the organizations. Further detail can be found on the Digital Defense Labs Blog.
Larry Hurtado, Digital Defense's President and CEO, states, “Automatic Zero-Day Vulnerability detection is a key Digital Defense core competency. Our patent-pending scanning technology, NIRV, coupled with our research team expertise, has resulted in the frequent discovery of previously unknown vulnerabilities. Digital Defense’s Vulnerability Research Team (VRT), utilizing data provided through our Frontline™ Solutions Platform (FSP), provides the knowledge necessary to quickly identify zero- day vulnerabilities. We don’t stumble upon these threats, we seek them out.”
Hurtado adds, “This Collective Security Intelligence demonstrates our unique offering. The utilization of Big Data analysis further bolsters the security of our clients as we can rapidly identify potential threats and alert the Digital Defense community, ensuring proactive measures can be employed quickly to prevent a security breach. Our managed service offers clients increased operational efficiencies and a high ROI.”
Digital Defense has disclosed multiple disclosures in recent months including:
- SOLARWINDS® Storage Manager Server “LoginServlet”
- HP JetDirect Embedded Web Server
- KnowledgeTree™ Online Document Management System
- IBM® WebSphere® Application Server