This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. While it is fairly common for the Chairman of the Board of a publicly traded company to step in to…
DetailsThe very best security teams I have worked with engage in continuous network monitoring and analysis. They capture downloaded executables and detonate them in sandboxed environments to extract key indicators of attack and store those in a library that runs against network traffic to identify ongoing attacks. It is hard to come by the skill…
DetailsThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. Despite years of investment in multiple layers of security defenses, every organization is still wide open to targeted attacks. It…
DetailsThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. The Ponemon Institute published a survey earlier this year on incident response readiness. (You can download the entire report from…
DetailsThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. In a recent post I discussed trust interfaces as a method of evaluating and improving security strategies. One of those…
DetailsThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. Marty Roesch is a pioneer in network security. He is the creator of the open source IDS product SNORT and…
DetailsThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. When Boeing acquired Narus in 2010, it was one of the few acquisitions of a Silicon Valley IT security company…
DetailsThis series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. Commtouch has been in stealth mode for 20 years. Industry veterans know that many of the endpoint security suites, UTM…
DetailsThe Federal Bureau of Investigation alerted the company on March 19 it had “indications that an unauthorized person used malware to gain access to information from customer transactions that were made through LaCie’s website,” according to a statement posted on LaCie.com. Security writer Brian Krebs claimed to have notified Seagate, which acquired LaCie in 2012…
DetailsResponsible disclosure is a burning issue it the world of software and security. If a security flaw is discovered by a researcher (sometimes called a hacker) what are the responsible actions the discoverer should take? There was a time when many security flaws were just published willy-nilly to a mail list or website. Researchers sought…
Details