October 09, 2001, 2:42 PM — Think your network has been compromised? Worried that files have been deleted or backdoors installed on your systems? One company that, as of Monday, is offering a service to help is Integralis, the U.S. division of European security firm Articon-Integralis AG.
Integralis offers a Network Forensics Service which inspects networks and computers after a suspected intrusion to assess what's gone on, said Kevin Dowd, president of U.S. operations for Integralis. Integralis staff will visit the premises of customers that think they've been compromised and sift through their audit logs to determine if there has been an intrusion, he said. If an intrusion has indeed occurred, Integralis will then trace back to where and how it happened and search for any changes that have been made to files, Dowd said. Additionally, the staff searches for Trojan horses, backdoors and other programs that may have been left behind by the intruder to enable them to get in again in the future, he said. A report about the attack is generated within a few days, Dowd said.
The service costs US$13,288 and is available immediately. Though the service was announced Monday as a product, Integralis' U.S. operations have been performing these services as a standard part of their business for years, starting when they were an independent company called Atlantic Computing, Dowd said. Atlantic Computing was founded in 1993, and was purchased by Integralis in 2000, he said. Integralis' European division has also been providing this service for some time, and is a bigger player in its market than the U.S. division is, Dowd said. Monday, however, marked the official U.S. debut of the service, he said.
The U.S. division of Integralis is hoping to move into larger-scale, longer-term engagements for providing its services to companies, Dowd said. Other divisions within the parent company also offer other services, including automated security, he said.
Despite competition (Integralis competes with companies that do ethical hacking or penetration testing, Dowd said) and being embroiled in difficult economic times, Dowd expects good things for Integralis, and for the security market in general.
"If the economy's really bad, then the security business may stay flat," Dowd said, "but I expect it to be disproportionately better than other businesses."
Alluding to the security problems that led the Code Red and Nimda worms to spread to hundreds of thousands of machines worldwide earlier this year he said, "You would be surprised how many people are poorly secured and late on patches."
Integralis, in East Hartford, Connecticut, can be reached at +1-877-557-1475 or online at http://www.atlantic.com/.