Use Marty Roesch’s BDA to Keep BAD Things from Happening

This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. Marty Roesch is a pioneer in network security. He is the creator of the open source IDS product SNORT and…

Details

Reducing Time-to-Resolution With Network Analytics

This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. When Boeing acquired Narus in 2010, it was one of the few acquisitions of a Silicon Valley IT security company…

Details

Commtouch Pivots to a Product Vendor as Cyren

This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid for the video production. Commtouch has been in stealth mode for 20 years. Industry veterans know that many of the endpoint security suites, UTM…

Details

Hardware Giant LaCie Warns Customer Information May have been Stolen in Year-long Breach

The Federal Bureau of Investigation alerted the company on March 19 it had “indications that an unauthorized person used malware to gain access to information from customer transactions that were made through LaCie’s website,” according to a statement posted on LaCie.com. Security writer Brian Krebs claimed to have notified Seagate, which acquired LaCie in 2012…

Details

Was the Heartbleed Bug Disclosed Responsibly?

Responsible disclosure is a burning issue it the world of software and security. If a security flaw is discovered by  a researcher (sometimes called a hacker) what are the responsible actions the discoverer should take? There was a time when many security flaws were just published willy-nilly to a mail list or website. Researchers sought…

Details

Judge Rules FTC Can Sue Companies for Not Taking Reasonable Data Security Measures

A United States federal judge recently ruled the Federal Trade Commission has the authority to file lawsuits against companies for failing to take “reasonable and appropriate” data security measures. The FTC sued hotel chain Wyndham Worldwide in 2012 of “repeated failures” to protect its customers’ data that led to multiple data breaches between 2008 and…

Details

Cyphort Adding Context to Advanced Malware Detection

This series of articles and the accompanying videos are part of an ongoing project to illuminate the people, products, and vendors that make up the IT security industry. The vendors paid a fee to cover the expense of producing the videos. As malware become both more sophisticated and more targeted traditional AV began to fail.…

Details

The Latest Heartbleed Bug Bombshell: NSA Knows About it and Uses It

The US National Security Agency (NSA) reportedly knew about the Heartbleed bug flaw and regularly used it to gather critical intelligence, according to the Bloomberg news agency. Heartbleed is the name given to a software vulnerability in OpenSSL, an open-source cryptographic library widely used to secure Internet communications. OpenSSL is commonly used by Web servers, VPN software,…

Details

Evidence Appearing That NSA Knew About Heartbleed

While Bruce Schneier may have been jumping to conclusions when he said: “At this point, the probability is close to one that every target has had its private keys extracted by multiple intelligence agencies.” It did not take long for at least a couple of traces of recorded network traffic, as reported by Ars Technica,…

Details