Welcome!


From the Blogosphere

Security is one of the most controversial topics in the software industry. How do you measure security? Is your favorite software fundamentally insecure? Are Docker containers secure? Dan Walsh, SELinux architect, wrote: "Some people make the mistake of thinking of containers as a bet...
Information security has become a critical priority for many businesses over the past decade, and for good reason. It seems like a new breach is exposed on nearly a daily basis, impacting another organization and its patrons. However, some companies believe that they're safe because th...
One of the greatest challenges facing business and government organizations is how to store and move sensitive data around the world while maintaining security. Storing and securing critical data held within data centers (whether physical or virtual) is top of mind from the boardroom t...
Advances in thin clients, desktop virtualization (VDI), cloud management services, and mobile delivery networks are allowing both increased security and edge applications performance gains. The next BriefingsDirect thought leadership panel discussion focuses on the heightened role of ...
Organizations are experiencing a new emphasis when it comes to cybersecurity. They are moving from securing the perimeter to securing the data within it, which is the result of the proliferation of connected devices in organizations today: smartphones, tablets and the IoT. Organization...
Cloud servers bring with them distributed hosting and the ability to anonymize identities and that has enabled cloud becoming a breeding ground for criminals and even terrorists. The cloud brings unique advantages to individual and business users alike and this explains the exponenti...
Hosting providers are often judged by their ability to ensure network availability/uptime. Unfortunately, distributed denial of service (DDoS) easily impact service availability and, in some instances, completely take down a hosting platform. As DDoS attacks continue to increase in siz...
Humorous metaphor about the cloud aside, this is a not-so-lighthearted blog entry. This is the convergence of progress, loss, and humility. In the fall of 2015, Salesforce.com (SFDC) announced upcoming initiatives for the Internet of Things. What we now know is that it was envisioned ...
Recent reports from the GAO indicate the US government is falling behind the technology gap, effecting everything from nuclear weaponry preparedness to an increase in medical errors that have pushed them to become the third leading cause of US deaths. We have IT solutions to solve prob...
We’ve been doing it for years, decades for some. How many websites have you created accounts on? Your bank, your credit card companies, social media sites, hotels and travel sites, online shopping sites, and that’s just the start. We do it often without even thinking about it, quickly ...
Today nearly all of us have our information stored on the cloud. It’s a very easy solution that allows users to seamlessly create back-ups of photos, contacts and other personal information, giving users access to their accounts anywhere from any device. Perhaps its most prized feature...
Many of you are very familiar with iRules, our Tool Command Language (Tcl) based scripter. It’s a powerful application delivery tool to have a programmable proxy that allows you to manipulate – in real time – any network traffic passing through the BIG-IP. Many BIG-IP fans have used it...
Ransom Trojans have evolved over time. The newer variants target files on a computer’s local drives, network shares and cloud paths alike. It's been years since it became obvious that crypto isn't necessarily usable for benign purposes only. Back in the day, a variety of data encrypt...
The EMV liability shift that began in October 2015 is likely to reduce card present payment card fraud. That’s a double-edged sword for retailers with an online presence and those who accept mobile payments, as fraudsters are seeking easier routes to ill-gotten gain. Add to this the on...
Wow, if you ever wanted to learn about Rugged DevOps (some call it DevSecOps), sit down for a spell with Shannon Lietz, Ian Allison and Scott Kennedy from Intuit. We discussed a number of important topics including internal war games, culture hacking, gamification of Rugged DevOps and ...
As the march to connect each and every noun on this planet continues with a blistering pace, the various ways, contraptions and sensors used to collect data is greatly expanding. What once was a (relatively) small collection of fitness trackers, smartwatches, thermostats, automobiles a...
Internet of Things (IoT), hybrid cloud services, mobile-first, and DevOps are increasing the demands and complexity of the overall development process. Key factors to improving both development speed and security despite these new challenges include new levels of collaboration and com...
Most people love new technology. It can make us more productive. It can lower our costs. It can be very “cool.” So, if it’s true and most people love new technology, why do we tend to adopt new technology on a “curve?” Why do innovators and early adopters jump in early while others bec...
As we have seen the growth in security challenges across the organization, we have also seen the growth in security spending and number of products that an enterprise buys. But have we, as an industry, been able to show that we are better off or worse? There is no clear yardstick to me...
The cloud provides two major advantages to load and performance procedures that help testing teams better model realistic behavior: instant infrastructure and geographic location. Cloud-based load testing also lowers the total cost of ownership, increases flexibility and allows testers...
Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer. And then it started becoming obsolete because an end-user. People...
According to a study the rising number of cloud-specific security attacks are likely to propel the demand for cloud security systems to 20 percent CAGR over the next four years. Adoption of cloud computing services has risen and so have the security risks associated with them. Accordi...
It is a sad but very real truth that many, dare I say most, IT professionals consider alerts to be the bane of their existence. After all, they’re annoying, noisy, mostly useless and frequently false. Thus, we IT professionals who specialize in IT monitoring are likely well acquainted ...
If we are involved in a cyber-war, where are the frontlines? What are the defenses that will work? Much of the efforts done so far in cybersecurity are nothing more than building an ineffective Maginot Line for cyber-defenses. Should we be spending more time (and money) in figuring ou...
Software as a Service (SaaS) is a model that has become a popular choice for deploying enterprise applications, delivering efficiencies and value to organizations in many ways. The benefits SaaS solutions deliver include not only avoiding the major resource drain and licensing costs as...
Currently, the preferred method of data protection of cloud giants, such as Google, is to replicate the data across different locations (i.e., data centers), rather than performing a true back up. This is done because a true back up seems logistically too complicated given the amount o...
The Domain Name Service (DNS) is one of the most important components in networking infrastructure, enabling users and services to access applications by translating URLs (names) into IP addresses (numbers). Because every icon and URL and all embedded content on a website requires a DN...
We all awoke last week to the latest regulatory and reputational risk since names like Madoff and Snowden burst into the headline. Weekly, there are smaller local skirmishes between the behavior of companies, public officials and the prying eyes of an ever more symbiotic relationship b...
Software as a Service has been around for a while. In its early years—late 1990s-early 2000s—it was mostly aimed at individual and departmental use, but in more recent years SaaS has been deployed at the enterprise level. There are companies that don’t use anything else. In the beginn...
Whether intentional or accidental, data leaks are a huge concern for organizations. And it has been for years. Going back to a 2004 survey from an IT security forum hosted by Qualys, found that 67% of security executives do not have controls in place to prevent data leakage, A December...
If you read our blog regularly then you know we’re pretty bullish about our OnPrem Agent product and its behind-the-firewall user-experience monitoring capabilities. What does it mean to monitor behind the firewall? Essentially you’re bringing Catchpoint’s Synthetic Monitoring capab...
Fail fast, fail often. Yeah, but the first failure blew up the satellite. Well, this is just a photo-sharing app..not rocket science. Okay, but your photos are accessed by users who have passwords that they probably use for other things..and aren't some photos as important as satellite...
This is an excerpt of some concepts from his upcoming book, NANOKRIEG: BEYOND BLITZKRIEG, a book covering the changes in Military Infrastructure, Strategies and Tactics needed to win the War on Terrorism. It includes chapters on cyberterrorism and cyberwarfare. With the latest terrori...
The use of Electronic Medical Records (EMR) by medical professionals has increased dramatically. According to HealthIT.gov, 2015 statistics show that 56 percent of all U.S. office-based physicians (MD/DO) have demonstrated meaningful use of electronic health records. The downside of th...
I came across this great article in CIO from Mary Branscombe, in which she discusses the perceived security concerns of moving fast with DevOps. She addresses the concerns people feel towards the speed of rapid releases, automation, and continuous integration and deployment, all of whi...
Private, public or hybrid cloud? This is the question that is being asked by C-level executives and IT professionals across the globe, as each enterprise continues to mature its cloud strategy and rethink the earlier role of cloud and whether to move away from an all public or private ...
There are always threats out there on the big bad internet. The majority of breaches happen at the application layer and many OWASP Top 10s like SQL injection are still malicious favorites to gain entry. Add to that the availability of DDoS tools, anonymous proxies and the rise of hack...
This week we came across an interesting phishing campaign. Users receive a file named “paymentxxx.pdf.” The file is a recently created PDF v1.5 made with Microsoft Word 2007, which can be opened by any PDF reader—Adobe or any other. The PDF is a single-page document and contains a hype...
In the middle of World War II, very basic and primitive computers were designed to improve accuracy for naval gunfire. The first computers ran complex mathematical applications to calculate trajectories and gunfire from large battleships. The size of the computer was huge and was made ...
Thanks to the professional, virtuous work of security researchers Chris Valasek and Charlie Miller and some fantastic reporting on this research by Andy Greenberg of Wired Magazine, we have long known that theoretical hacks against cars are no longer theoretical. They are real. Many co...