From the Blogosphere

As the march to connect each and every noun on this planet continues with a blistering pace, the various ways, contraptions and sensors used to collect data are greatly expanding. What once was a (relatively) small collection of fitness trackers, smartwatches, thermostats, automobiles a...
As we have seen the growth in security challenges across the organization, we have also seen the growth in security spending and number of products that an enterprise buys. But have we, as an industry, been able to show that we are better off or worse? There is no clear yardstick to me...
Wow, if you ever wanted to learn about Rugged DevOps (some call it DevSecOps), sit down for a spell with Shannon Lietz, Ian Allison and Scott Kennedy from Intuit. We discussed a number of important topics including internal war games, culture hacking, gamification of Rugged DevOps and ...
Most people love new technology. It can make us more productive. It can lower our costs. It can be very “cool.” So, if it’s true and most people love new technology, why do we tend to adopt new technology on a “curve?” Why do innovators and early adopters jump in early while others bec...
The EMV liability shift that began in October 2015 is likely to reduce card present payment card fraud. That’s a double-edged sword for retailers with an online presence and those who accept mobile payments, as fraudsters are seeking easier routes to ill-gotten gain. Add to this the on...
The cloud provides two major advantages to load and performance procedures that help testing teams better model realistic behavior: instant infrastructure and geographic location. Cloud-based load testing also lowers the total cost of ownership, increases flexibility and allows testers...
Internet of Things (IoT), hybrid cloud services, mobile-first, and DevOps are increasing the demands and complexity of the overall development process. Key factors to improving both development speed and security despite these new challenges include new levels of collaboration and com...
Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer. And then it started becoming obsolete because an end-user. People...
According to a study, the rising number of cloud-specific security attacks is likely to propel the demand for cloud security systems to 20 percent CAGR over the next four years. Adoption of cloud computing services has risen and so have the security risks associated with them. Accordi...
It is a sad but very real truth that many, dare I say most, IT professionals consider alerts to be the bane of their existence. After all, they’re annoying, noisy, mostly useless and frequently false. Thus, we IT professionals who specialize in IT monitoring are likely well acquainted ...
If we are involved in a cyber-war, where are the frontlines? What are the defenses that will work? Much of the efforts done so far in cybersecurity are nothing more than building an ineffective Maginot Line for cyber-defenses. Should we be spending more time (and money) in figuring ou...
Software as a Service (SaaS) is a model that has become a popular choice for deploying enterprise applications, delivering efficiencies and value to organizations in many ways. The benefits SaaS solutions deliver include not only avoiding the major resource drain and licensing costs as...
Currently, the preferred method of data protection of cloud giants, such as Google, is to replicate the data across different locations (i.e., data centers), rather than performing a true back up. This is done because a true back up seems logistically too complicated given the amount o...
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DN...
We all awoke last week to the latest regulatory and reputational risk since names like Madoff and Snowden burst into the headline. Weekly, there are smaller local skirmishes between the behavior of companies, public officials and the prying eyes of an ever more symbiotic relationship b...
Software as a Service has been around for a while. In its early years—late 1990s-early 2000s—it was mostly aimed at individual and departmental use, but in more recent years SaaS has been deployed at the enterprise level. There are companies that don’t use anything else. In the beginn...
Whether intentional or accidental, data leaks are a huge concern for organizations. And they have been for years. Going back to 2004, a survey from an IT security forum hosted by Qualys found that 67% of security executives do not have controls in place to prevent data leakage. A December...
If you read our blog regularly then you know we’re pretty bullish about our OnPrem Agent product and its behind-the-firewall user-experience monitoring capabilities. What does it mean to monitor behind the firewall? Essentially you’re bringing Catchpoint’s Synthetic Monitoring capab...
Fail fast, fail often. Yeah, but the first failure blew up the satellite. Well, this is just a photo-sharing app... not rocket science. Okay, but your photos are accessed by users who have passwords that they probably use for other things... and aren't some photos as important as satellite...
This is an excerpt of some concepts from his upcoming book, NANOKRIEG: BEYOND BLITZKRIEG, a book covering the changes in Military Infrastructure, Strategies and Tactics needed to win the War on Terrorism. It includes chapters on cyberterrorism and cyberwarfare. With the latest terrori...
The use of Electronic Medical Records (EMR) by medical professionals has increased dramatically. According to HealthIT.gov, 2015 statistics show that 56 percent of all U.S. office-based physicians (MD/DO) have demonstrated meaningful use of electronic health records. The downside of th...
I came across this great article in CIO from Mary Branscombe, in which she discusses the perceived security concerns of moving fast with DevOps. She addresses the concerns people feel towards the speed of rapid releases, automation, and continuous integration and deployment, all of whi...
Private, public or hybrid cloud? This is the question that is being asked by C-level executives and IT professionals across the globe, as each enterprise continues to mature its cloud strategy and rethink the earlier role of cloud and whether to move away from an all public or private ...
There are always threats out there on the big bad internet. The majority of breaches happen at the application layer and many OWASP Top 10s like SQL injection are still malicious favorites to gain entry. Add to that the availability of DDoS tools, anonymous proxies and the rise of hack...
This week we came across an interesting phishing campaign. Users receive a file named “paymentxxx.pdf.” The file is a recently created PDF v1.5 made with Microsoft Word 2007, which can be opened by any PDF reader—Adobe or any other. The PDF is a single-page document and contains a hype...
In the middle of World War II, very basic and primitive computers were designed to improve accuracy for naval gunfire. The first computers ran complex mathematical applications to calculate trajectories and gunfire from large battleships. The size of the computer was huge and was made ...
Thanks to the professional, virtuous work of security researchers Chris Valasek and Charlie Miller and some fantastic reporting on this research by Andy Greenberg of Wired Magazine, we have long known that theoretical hacks against cars are no longer theoretical. They are real. Many co...
451 Research recently published its 2016 Enterprise Storage Outlook in which both Amazon Web Services (AWS) and Microsoft become top 5 enterprise storage vendors by 2017. Further, AWS surges from 6th place to 2nd place while NetApp plummets from 2nd place to 6th place. Spending on publ...
Many organizations today require 24x7 access to the data they need to run their operations. According to a recent survey, when IT teams modernize their data centers, high-speed recovery and data loss avoidance are the two most sought-after capabilities. Eliminating any “availability ga...
In December 1998 when transitioning into a job doing intelligence support to DoD computer network defense, one of my mentors reminded me of a Reagan-era publication that helped the public better understand the Soviet threat called "Soviet Military Power." This document was based on th...
Cloud applications are well established for many activities such as CRM, HR, and billing. With the cloud paradigm proven for so many enterprise tasks, the question of cloud vs. on-premises seems like yesterday’s – or even last year’s – debate. But is the cloud ready to handle the uniqu...
In the 1946 classic ‘Hair Raising Hare,’ Bugs Bunny asks, ‘Have you ever have the feeling you were being watched? Like the eyes of strange things are upon you?’ Like Bugs often did, he breaks the fourth wall and involves the audience directly, invoking a feeling that someone is looking...
This post provides an update on the ongoing battle between Apple and the U.S. government regarding Syed Rizwan Farook's iPhone, recovered by police after the horrific massacre in San Bernardino on December 2, 2015. It is just days before the March 22, 2016 hearing in this long-running...
Believe it or not, the first data backups were made on paper. Dating back as early as the 18th century, the "technology" was used in the form of paper tapes constructed from punch cards to control the functions of automated machinery such as textile looms. The concept of these cards wa...
In part one of this series, "Rugged DevOps: Survival is Not Mandatory", I shared news that 1 in 16 open source and third-party components downloaded last year included a known vulnerability. That may not seem like too many until you realize the average company downloads well over 200,...
Recently I changed some of my passwords. Some due to typical rotation time and a couple due to potential breaches and encouragement from the affected site. No, I’m not going to tell you which ones or how I go about it but I noticed that it took about 3 days for my fingers to key the co...
A key and wide-ranging tech trend that’s affecting enterprises and consumers alike is the Internet of Things (IoT). It’s a development that’s already transforming how we work and live as entrepreneurial minds continue to create use cases for billions of connected things. Transformati...
TCP/IP connectivity starts with a DNS look-up so that Endpoint A, seeking to establish a connection to Endpoint B, can determine B’s IP address. Not knowing when a connection request may be coming, Endpoint B has to continually listen for the arrival of such requests. Not even knowing ...
Hybrid cloud is rapidly becoming essential to today’s information technology processes. This is why hybrid cloud risk management has become the keystone to many modern corporate strategies. To effectively manage this shift, leading enterprises are reorganizing how the business side of ...
Deming, the patron saint of DevOps once advised, "It is not necessary to change. Survival is not mandatory." To survive, application development teams are constantly pressured to deliver software even faster. But fast is not enough. The best organizations realize that security, qual...