Welcome!


From the Blogosphere

At some point in the near future, our alarm clock will ring when the biometric scanner monitoring our sleep indicates we have achieved optimum rest. Our clock will connect with the coffee maker, and a steaming cup of brew will be waiting, while the lighting system in our home gradually...
Throughout the enterprise there are security personnel using a variety of processes and tools to conduct their incident response, network defense, and threat and risk analysis. Security team efforts haven’t been integrated, or if they are integrated, it is only through rudimentary tech...
A virtual Chief Information Security Officer (CISO) can be an invaluable asset to your company. The virtual CISO provides your business with a person that will be in charge of the electronic security aspects of your company. You will have an executive in place that will not only overse...
At the recent Mobile World Congress 2015 (MWC) in Barcelona, we heard operators and vendors discuss the future of mobile network connectivity around the globe. While we look forward to new updates on this subject (and updates from these major players), the conference was also ripe with...
One of the most difficult things to do today is to identify a legitimate user. Part of the problem is that the definition of a legitimate users depends greatly on the application. Your public facing website, for example, may loosely define legitimate as "can open a TCP connection and s...
Keeping data from getting out into the wild or being damaged by cyber attackers is what keeps CISOs, the executive team and boards of directors up at night. To protect organizations, cybersecurity needs to be automated and real-time, it needs to learn contextually like we do and it nee...
SYS-CON Events announced today that WHOA.com, an ISO 27001 Certified secure cloud computing company, has been named “Bronze Sponsor” of SYS-CON's 16th International Cloud Expo® New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. WHOA.com is a le...
Health Shared Services BC in Vancouver implemented one of the healthcare industry’s first Service Asset and Configuration Management Systems to help them optimize performance of their IT systems and applications. We'll explore how HSSBC has successfully implemented one of the healthca...
A new report sponsored by CA Technologies examines how IT and business leaders aim to sync the security and mobile user experience. CA Technologies’ latest research determines that though top concerns of IT Security practices include the elimination of breaches, data protection and ide...
This year has brought big news, significant changes and increased awareness of the adoption of cloud computing in Government. In fact Cloud computing may be the biggest and most overhyped term in Government information technology today. It is also the most discussed topic in agency s...
The GoDaddy customer breaches didn’t have to happen and don’t have to happen to you. Cisco threat researchers recently reported a dramatic uptick in Angler Exploit Kit-based attacks connected to compromised GoDaddy domain registry accounts. GoDaddy, which manages nearly a third of al...
Like DDoS attacks, aggressive screen scraping can create huge spikes in traffic, cause brownouts, and even take you down for extended periods of time. Web scraping doesn’t make the headlines and most people aren’t aware of the damage it can cause to your website’s success. Thieves an...
Application troubleshooting survey reveals integrated tools lead to significant response time improvements Thirty-seven percent of developers rely on user notifications to identify issues, yet integrated tools reduce customer impact by 62%. See the Infographic below or download the c...
When it comes to cybersecurity initiatives, the U.S. government has not taken a back seat. Perhaps owning to the number of high profile breaches and damaging insider attacks that have occurred in the past few years, this White House in particular has been very vocal about the federal g...
A discussion from The Open Group San Diego 2015 examining the both need and outlook for Cybersecurity standards among supply chains. The latest discussion, examining the both need and outlook for Cybersecurity standards among supply chains, is moderated by Dave Lounsbury, Chief Techno...
If you’ve ever watched a submarine movie like The Hunt for Red October, Crimson Tide, or U-571 you’ll notice that these scripts always include running a surprise drill soon after getting underway from port. When a submarine submerges after a long port call one of the first things a cap...
Where were you on February 3, 2015 at 3:40 p.m. PST? Snowed in? Desperately trying to refresh Netflix? If so, you weren’t alone. It turns out even best and biggest companies experience failure from time to time. Despite the success of their Chaos Monkey approach to operations, the Inte...
Some times our customers would prefer to use SSH to connect from the server our XL Deploy is running on and their targets. By default Windows does not support SSH, but XebiaLabs’ tools do support SSH on windows. The tricky part is that most implementations of SSH for Windows also req...
FedRAMP defines the requirements for cloud service providers’ security controls, including vulnerability scanning, incident monitoring, logging, and reporting. CSPs in use at federal agencies or in acquisition must meet the cloud computing requirements defined by FedRAMP. Whether o...
Over the last several weeks, we’ve examined the risks of using the public cloud in the enterprise workplace. From unauthorized file access to regulatory noncompliance, the potential scenarios vary from dire to more dire – and it’s up to decision makers to take control of their organiza...
We continue to see an increasing trend in cyber-attacks in line with the growth of new technologies, and enterprises have to protect themselves. It is critical for enterprises to devise their own measures to protect against cyber-attacks because any tolerance on this front is more than...
Without question, the rise in cyberleaks, nation-state cyber terrorism and the beach of consumer data across multiple industry domains has led to a heightened awareness of the enterprise and personal responsibilities associated with cybersecurity. The consumerization of IT and the adop...
As we kick off 2015, I predict that this will go down in history as the year of the Threat Intelligence Platform (TIP). We say goodbye to the year of the advanced persistent threat (APT) in 2014, just as this time last year we waved adieu to mobile device management (MDM). We’ve seen ...
Tunisie Electronique, a Tunisian IT services provider, improved their IT service management offerings and capabilities leveraging cloud-based services. To learn more about better IT control and efficiency using the latest ITSM tools and services, we are joined by Fadoua Ouerdiane, IT ...
​I had the chance to sit down with Lee Slaughter, Skytap's Manager of Information Security, to discuss security in the cloud, the efforts that make up a thorough due diligence when choosing a cloud provider, and how to keep up with external and internal threats to your business. Noel:...
The benefits of cloud billing can be irresistible. Always-on availability, flexibility, elastic scalability, low cost, global reach. But with high-profile security breaches from the likes of Target, Sony and health insurer Anthem, it’s understandable that thinking about turning your bi...
Cloud has become part of the enterprise landscape with nearly 90 percent of businesses having adopted cloud-based apps and services. However, organizations need to make sure that these cloud solutions don’t compromise the hard-won security policies that govern the rest of the informati...
At the end of the year, WhiteHat Security posted an interesting blog titled, "The Parabola of Reported WebAppSec Vulnerabilities" in which a downward trend in web application vulnerabilities (as collected by the folks at Risk Based Security's VulnDB) was noted beginning in 2008 after h...
Cloud computing offerings are almost overwhelming at this point. There are so many different services and service providers competing for your business that it can be hard to know what’s really best for you. Understanding what kinds of solutions work for your business means getting a h...
When it comes to data security, identifying what you consider your crown jewels is the first step in the data security recovery program. Legacy products can be expensive and negatively impact performance. Organizations need to realize that the complexity and fear of access control is a...
You can’t have a conversation about technology today without the topic of security breaches ending up front and center as a key concern. This is understandable with all the high profile breaches that have been occurring on what seems a regularly scheduled event. Anthem, the nation’s se...
Business users can conjure new applications, send messages and share information around the world at the speed of light from their mobile devices. But just because they can, doesn’t mean they should – all this sharing and collaboration can have consequences on businesses’ security. Sen...
Those watching federal cloud security in the defense space were pleased to learn the Defense DOD Cloud Computing Security Requirements Guide (v1) (SRG) last month. This 152-page document outlines the security requirements that Department of Defense (DOD) mission owners must adhere to w...
The security landscape is evolving more than ever before – not only must chief information security officers (CISOs) deal with constant increasing cyber-attack threats and security breaches but they must keep up with mobility trends and concerns about access to data and protecting iden...
It is widely known that the National Security Agency houses an impressive cyber force with the capacity to bypass the digital defenses of private individuals, enterprises, and even foreign governments – a force powerful enough to draw criticism from the American public and American all...
I’m writing this blog on Monday, February 9th, late afternoon with a very full stomach. Last week we launched Vormetric Tokenization with Dynamic Data Masking and today we took the engineers out for a big lunch to celebrate. Now feeling full and contemplative, I thought I’d join the cl...
What happens when the gadgets you wear also control the things around you? No doubt you’ve heard of various internet-connected things like light bulbs, coffee makers and thermostats making their way into our homes. And no doubt, you’ve probably heard of such devices that you wear (or ...
If your business has any investment in public cloud SaaS applications, then it’s time to invest in a Cloud Access Service Broker (CASB). That’s our takeaway from the recently released Gartner security report, “Emerging Technology Analysis: Cloud Access Security Brokers.” More and more...
They say that you are only as secure as your weakest firewall. But then is it just firewalls that protect our network and the information therein, or is it the framework the policies and the processes that have cracks that let the vulnerabilities seep through? Hackers will be hackers ...
The process of bringing firms back from the point of massive systems failure in some form has become known as Disaster Recovery A surprisingly high ‘one in every three’ companies is said to have experienced and declared a disaster in the past five years, according to a November 2013 s...