I’ve first learned about Blue Lane when they were still in stealth mode, they operated under a different company name first. Network Computing posted this Interview with Blue Lanes CEO Jeff Palmer. As he points out don’t confuse them with a patch management vendor.

I believe Blue Lane offers a very promising approach to solve the burning issues of reacting to security issues in a controlled manner rather than to deploy untested patches.

…
How does it work?

We typically follow the security patches from the vendors. We focus on those applicable to servers and remotely exploitable over the network. Our design emulates, in a context-aware way, the detection logic and correction logic of the vendor’s patch.

The correction logic can vary depending on the vulnerability. In the case of a buffer overflow, the vendor patch may truncate traffic; so we truncate traffic on the wire. In some cases the patch would terminate a session, so if that’s the remedy we would do it as well. In some cases it’s as simple as returning an error message.

So Blue Lane doesn’t apply patches to servers?

We sometimes get confused with patch management or software distribution. We in no way handle the vendor patch. We remediate until it’s realistic for the enterprise to deploy the patch on machines that can be patched. We are an adjunct to a healthy software update process.

The full article can be found here.

Enter your email address to get Hack Report news via email:

1 Comment(s)

Comments RSS TrackBack Identifier URI

Leave a comment

Name (required)

Mail (will not be published) (required)

Website