Welcome!


From the Blogosphere

Don’t emphasize network security at the cost of endpoint security; the two can be integrated and work hand in hand. The result is a safer, more secure business ready for the challenges of the future.
Bitium, based in Santa Monica, CA, works in the cloud to provide secure management of an enterprise's applications, users, and passwords in one place. We asked company Co-founder and CEO Scott Kriz a few questions about the company's vision and strategy. Cloud Computing Journal: Wh...

Every organization should follow a proactive rather than a reactive approach to protect against threats, risks, and vulnerabilities to which if their IT infrastructure is exposed can lead to data loss, regulatory penalties, lawsuits, and damaged reputation. Moving on the same lines,...

The cloud is proving to be a useful tool for businesses both large and small. What started out as an innovative idea has quickly transformed into a vital component of many business practices. As time goes on, demand for cloud storage has only increased with each passing year as more an...

In a recent webinar, Porticor’s AWS cloud security experts took on the security challenges companies face when migrating to AWS (and other IaaS clouds) and offered alternatives that enable IT Directors to take advantage of the cloud, while maintaining control of their data and its s...

Shellshock, appropriately and of course punnily named, is ravaging the Internet right now. Active exploits continue to grow in number and in complexity. While there are multiple avenues through which this vulnerability can be exploited, the most active one at the moment appears to be ...
Editor’s note: This post by Invincea CEO Anup Ghosh first appeared at LinkedIn. We knew this would be of interest to you and posted it here with the author’s permission.-bg I’ll say it up front, your security program does not work because it is based on three common m...

UPDATE (9/28/2014): Our security team indicates that we're now seeing the majority of attempted exploits of Shellshock coming in through input paramters. They've provided ASM signatures to mitigate and recommend customers use these signatures to protect their applications. Y...

Yet another retailer has confessed that their systems were breached and an untold number of victims join the growing list of those who have had their data was stolen. This one could be bigger than the infamous Target breach. I wonder if some day we’ll be referring to periods of time by...
The trend of virtual currencies is likely not a fad; we’re merely seeing the beginning of what will likely turn into a common practice. Network security revolving around virtual currency exchanges still needs to improve, but once that happens, those improvements may even solve network ...
JP Morgan Chase has announced that in June and July of this year over 76 million retail clients and over 7 million business clients had there personal information stolen from various company websites. The sites identified were: Chase.com, JPMorganOnline, Chase Mobile and JPMorgan Mobil...
I had the privilege of attending a mobile security event this week and speaking with many experts on the matter. I am not a mobile security expert, so my role was to speak on mobile strategies and trends and to learn as much as I could. What did I learn? I learned the difference b...
Last week Ivan Pepelnjak wrote an article about the failure domains of controller based network architectures. At the core of SDN solutions is the concept of a controller, which in most cases lives outside the network devices themselves. A controller as a central entity controlling the...
Data is arguably the most prolific and most valuable of resources. As such, it needs to be protected both as a company asset and in keeping with data privacy laws. Data protection is most acute in healthcare, which is something of a latecomer to fast-evolving heterogeneous electronic e...
The keys to the digital kingdom are credentials. In no industry is this more true (and ultimately more damaging) than financial services. The sophistication of the attacks used to gather those credentials and thwart the increasingly complex authentication process that guards financial ...

When you plan your migration to the cloud, and the cloud security best practices to secure it, there is no need to reinvent the wheel.  Here is some advice from the Fortune 500. Use these tips to learn from others’ successes and to avoid their failures – maybe their companies ...

Significant money is at stake and in need of protection in the Payment Card Industry (PCI). The global payment card industry covers several sectors: banks and financial institutions (acquirers), issuers, processors, service providers, merchants carrying out transactions online and v...

The cloud is expanding. More applications are being run online. More data is being stored online. More businesses are relying on public, private, and hybrid clouds for their apps, records, and backups. And more hackers are taking advantage. Why Security Breaches Happen in the Cloud ...

It is only fitting that the 20th anniversary of the Gartner Hype Cycle has the Internet of Things right at the top of the coaster. IoT is currently at the peak of Inflated Expectations. The Gartner Hype Cycle give organizations an assessment of the maturity, business benefit and future...
A recent Inc.com article claimed that the percentage of U.S. small businesses using cloud computing is expected to more than double during the next six years, from 37 percent to nearly 80 percent (l). This forecast was gleaned from a just released Emergent Research and Intuit study. Th...
You can't truly accelerate the SDLC without a dependable continuous testing process. Evolving from automated to continuous testing requires on-demand access to a complete, realistic test environment. Yet, such access can be extremely difficult to achieve with today's increasingly compl...
Do you avoid stores that have had a credit card breach? You are not alone. About 52% of people avoid merchants who have had a data breach according to a recent Lowcards survey. They surveyed over 400 random consumers to better understand the impact of identity theft on consumer behavi...
In a post Snowden world it is clear that for cloud data security, we need strong encryption. When properly implemented, encryption in the cloud reduces risk to levels acceptable for sensitive data. There is no doubt data protection in the cloud computing era is never going to be a ‘...
I write and speak often on the need to have a thoughtful Code Halo strategy in addition to your mobile and digital strategies. Code Halos is the term for the information that surrounds people, organizations, and devices. Many companies consider Code Halostrategies only for marketing, s...
Despite the hype and drama surrounding the HTTP 2.0 effort, the latest version of the ubiquitous HTTP protocol is not just a marketing term. It's a real, live IETF standard that is scheduled to "go live" in November (2014). And it changes everything. There are a lot of performanc...
In the video at this link and embedded below I provide some context on new approaches to data can enhance outcomes for public sector organizations, with a focus on real world use cases. I also mention key requirements which apply at most government organizations for their data and how ...
On the one hand, the BYOX trends that drive cloud service adoption and worker self-enablement are transforming traditional IT into a User-Centric IT model that focuses on empowering and enabling workers. On the other hand, the free-wheeling nature of the cloud and the regular news of ...
make it a lot easier and more fun to develop apps for both iOS and OS X. That’s in contrast to the current language, Objective-C, which is somewhat antiquated and considered by many to be difficult to use. Although Swift is easier to use, we’re sure that there will be issues like crash...
Dawn Parzych, F5 Sr. Product Manager, talks about the benefits of HTTP 2.0 and shows us a demo of 170+ pictures appearing instantly while using the BIG-IP HTTP 2.0 profile. Interesting conversation about web pages loads, the chattiness of the HTTP protocol and the notion of HTTP 2.0 mo...
Anyone who has been involved with security knows there is a balance to providing both security and privacy and performance at the same time. Security is often blamed for performance woes, particularly when cryptography is involved. SSL and TLS have long addressed this balance by lev...
First and foremost you can’t have a successful software-defined model if your team still have a hardware-defined mentality. Change is inevitable and whether it's embraced or not it will happen. For experienced CIOs this is not the first time they've experienced this technological and c...
Considering most organisations have still not fully virtualized or moved towards a true Private Cloud model, SDDC is still in its infancy in terms of mainstream adoption and certainly won't be an overnight process. While typical early adopters are advancing quickly down the software-de...
About 8 years ago at my previous employer we started a project related to Autonomic Networking. Autonomic Networking is modeled after Autonomic Computing, an IBM initiative from the early 2000s, targeted at creating self managing computing elements. The network version intends to creat...
At EELive!, we asked several software development professionals to discuss the state of software quality. Here's what they had to say...
It’s no secret that doing nothing is often considered a safe bet. The psychology behind inaction is well understood, particularly in the case of IT — the path of least disruption is usually maintaining the status quo rather than trying something new, But once in a while, a decision ...
I'll explain the difference between two major categories in in-memory computing: In-Memory Database and In-Memory Data Grid. A few months ago, I spoke at the conference where I explained the difference between caching and an in-memory data grid. Today, having realized that many people...
Quite often you will hear IT people say that they want the ultimate automatic disaster recovery solution that you can buy. You can also find some vendors who can sell you their solution as automatic disaster recovery solution only because you asked for one. But do you really want an au...
You often hear people say, ‘oh, this is a living document,’ to indicate that the information is continually updated or edited to reflect changes that may occur during the life of the document. Your infrastructure is also living and dynamic. You make changes, updates or upgrades to addr...
Experiencing downtime is not something that companies wish for but as we have seen lately it is something that we hear quite often about. Interestingly enough very few enterprises, especially in the Small and Medium Business area, spent enough time...
In February 2011, Vivek Kundra announced the “Cloud First” policy across the US Government. The directive, issued through the Office of Management and Budget, required agencies to give cloud technology first priority in developing IT projects. He also described cloud computing as a “10...