Welcome!


Latest Blogs from Web Security Journal
You don't necessarily get 2x the value from your logs when your volumes double. Value is more aligned with the analysis and trends you can extract from your data. It's no secret that log data is quickly becoming one of the most valuable sources of information within organizations. The...
It’s a clear message being heard across the industry - widespread adoption of cloud applications is only a matter of time. However, the tricky part for many is, how much time do organizations actually have to hold out? And why should they switch? For starters – the cost savings are cl...
Cloud security is a top concern for any organization migrating to the cloud. The threats are many. For example, the fact your data resides in a shared, multi-tenant environment is a threat that has become a reality with the latest Xen virtualization bug, which allowed a malicious fu...
In 2007, there were virtually no mobile apps. Last year alone, over 100 billion apps were downloaded, generating $26 billion in sales. App stores operated by Apple and Google now offer more than a million apps each and people every day depend on apps like Facebook, Google Maps and Uber...
At first glance, it might seem that the goals of DevOps and regulatory compliance are inherently at odds. Whereas much of the buzz around DevOps advocates delivering software at dizzying rates, compliance and security are concerned with proper oversight of the change management process...
Storing data of any kind on the cloud can be a risk, but there are ways to mitigate the risks. With such an abundance of cloud providers, there are plenty of options for you to choose from for security purposes. Finding a vendor that encrypts data in motion as well as data at rest is a...
Much of what human beings experience as commonplace today - social networking, on-line gaming, mobile and wearable computing -- was impossible a decade ago. One thing is certain: we're going to see even more impressive advances in the next few years. However, this will be the result of...
The path to successful application delivery has been a long and winding road for many companies. Back in the days of Y2K and the dot-coms, applications were often delivered out of a physical data center. This usually consisted of a dedicated raised-floor room at the corporate headquart...
Despite the data privacy protections supposedly conferred by regulations like HIPAA and HITECH, consumers’ confidential health and personal information is still not safe enough. That’s the lesson to be learned from Franklin, TN-based Community Health Systems’ (CHS) August 18 regulatory...
The Amazon Web Services public infrastructure cloud is seeing massive adoption, and for good reason. Using AWS arms companies with advanced infrastructure that, in most cases, they could not possibly achieve in their own datacenters. In fact, According to Gartner, AWS has 5 times more ...
It is no doubt that the latest and greatest technologies get your juices flowing. Researching the details, comparing the benchmarks, imagining the differences you could make within your organization if you could just put the right technology solutions in the right place. If only budget...
Earlier in the year, Gartner forecast that by year-end 2016, more than 50 percent of global companies will have stored customer-sensitive data in a public cloud platform. These services can scale very quickly, which has made them very popular for applications that have a requirement fo...
Enterprise applications are increasing in complexity, with multi-tier and distributed applications being the new standards for dealing with high-volume, high-scale requirements. In many development environments, the ideal scenario is to enable DevOps teams to manage dev/test environmen...
Shellshock, appropriately and of course punnily named, is ravaging the Internet right now. Active exploits continue to grow in number and in complexity. While there are multiple avenues through which this vulnerability can be exploited, the most active one at the moment appears to be ...
With the capability to reduce both CapEx and OpEx, it’s easy to see why the SDN-NFV trend has taken hold in the hosting and mobile industry. Early use cases include network virtualization from cloud service providers and enterprise data centers, bandwidth calendaring and network tappin...
Data is arguably the most prolific and most valuable of resources. As such, it needs to be protected both as a company asset and in keeping with data privacy laws. Data protection is most acute in healthcare, which is something of a latecomer to fast-evolving heterogeneous electronic e...
Electric Cloud's Juan Jimenez recently blogged: "Consider this statement of truth – the bane of any Continuous Delivery strategy is testing. You can have wildly fast builds...completely automated Continuous Integration and Delivery... but if your Continuous Testing slows your Agile-ity...
You can't truly accelerate the SDLC without a dependable continuous testing process. Evolving from automated to continuous testing requires on-demand access to a complete, realistic test environment. Yet, such access can be extremely difficult to achieve with today's increasingly compl...
Do you avoid stores that have had a credit card breach? You are not alone. About 52% of people avoid merchants who have had a data breach according to a recent Lowcards survey. They surveyed over 400 random consumers to better understand the impact of identity theft on consumer behavi...
In a post Snowden world it is clear that for cloud data security, we need strong encryption. When properly implemented, encryption in the cloud reduces risk to levels acceptable for sensitive data. There is no doubt data protection in the cloud computing era is never going to be a ‘...
In the video at this link and embedded below I provide some context on new approaches to data can enhance outcomes for public sector organizations, with a focus on real world use cases. I also mention key requirements which apply at most government organizations for their data and how ...
On the one hand, the BYOX trends that drive cloud service adoption and worker self-enablement are transforming traditional IT into a User-Centric IT model that focuses on empowering and enabling workers. On the other hand, the free-wheeling nature of the cloud and the regular news of ...
Dawn Parzych, F5 Sr. Product Manager, talks about the benefits of HTTP 2.0 and shows us a demo of 170+ pictures appearing instantly while using the BIG-IP HTTP 2.0 profile. Interesting conversation about web pages loads, the chattiness of the HTTP protocol and the notion of HTTP 2.0 mo...
About 8 years ago at my previous employer we started a project related to Autonomic Networking. Autonomic Networking is modeled after Autonomic Computing, an IBM initiative from the early 2000s, targeted at creating self managing computing elements. The network version intends to creat...
Consider the possibility that a small innocuous code change could go undetected, promoted through Development & QA, and then have catastrophic effects on performance once it reaches production. The environmental variants need to be minimized and closely monitored to prevent the anomalo...
I'll explain the difference between two major categories in in-memory computing: In-Memory Database and In-Memory Data Grid. A few months ago, I spoke at the conference where I explained the difference between caching and an in-memory data grid. Today, having realized that many people...
Quite often you will hear IT people say that they want the ultimate automatic disaster recovery solution that you can buy. You can also find some vendors who can sell you their solution as automatic disaster recovery solution only because you asked for one. But do you really want an au...
You often hear people say, ‘oh, this is a living document,’ to indicate that the information is continually updated or edited to reflect changes that may occur during the life of the document. Your infrastructure is also living and dynamic. You make changes, updates or upgrades to addr...
Experiencing downtime is not something that companies wish for but as we have seen lately it is something that we hear quite often about. Interestingly enough very few enterprises, especially in the Small and Medium Business area, spent enough time...
In February 2011, Vivek Kundra announced the “Cloud First” policy across the US Government. The directive, issued through the Office of Management and Budget, required agencies to give cloud technology first priority in developing IT projects. He also described cloud computing as a “10...
It's probably no surprise that I have long advocated the position that hybrid cloud would eventually become "the standard" architecture with respect to, well, cloud computing. As the dev/ops crowd at Glue Con was recently reminded by the self-styled "most obnoxious man in cloud", Josh ...
No doubt, the world of cloud storage has evolved over the past several months in terms of broader interoperability, increased features and functionality as well as lower overall costs. Whereas the questions posed about cloud storage used to center on integration with (or in place of) e...
The days of completely separate storage network technologies are quickly fading. It feels like it’s only a few years ago that Fiber Channel was the way to create large scale storage networks. Big honking storage devices on a separate network, connected to Fiber Channel switches, connec...
I moved recently. Not too far away nor to a different state, just the other side of town. It is simultaneously exhilarating and exhausting. Most people in the U.S. moving during the summer. Kids are out of school, the weather is mostly nice, friends might be available to help and you a...
IP Multicast is one of those technologies that most everyone loves to hate. It’s almost the perfect example of how complicated we have made networking. Getting IP Multicast to run depends on several protocols that are all somewhat intertwined or dependent on each, their relationship so...
At healthcare events throughout the world, we have met many health tech companies who are considering migrating to the cloud, but have serious concerns about protecting electronic protected health Information (e-PHI) and maintaining HIPAA compliance as they virtualize their environment...
It comes as no surprise that the CEO of Target has resigned in the wake of their massive data breach. The 2nd executive, if I remember correctly, to resign due to the mishap. Data breaches are costly according to the most recent Ponemon 2014 Cost of Data Breach Study: United States and...
As public and private cloud adoption continues to skyrocket, it’s becoming more and more clear that Database-as-a-Service (DBaaS) is hugely important to users. This isn’t really news, as much as it’s a confirmation of what many were seeing much earlier in the cloud industry’s maturatio...
It means you can't use "network" protocols to make intelligent decisions about applications any more. Back in 2000 (or 2001, I forget exactly), I got to test a variety of bandwidth management appliances. Oh, they were the bomb back then - able to identify (and classify) applications b...
This week's "bad news" with respect to information security centers on Facebook and the exploitation of HTTP caches to affect a DDoS attack. Reported as a 'vulnerability', this exploit takes advantage of the way the application protocol is designed to work. In fact, the same author who...