ADS BY GOOGLE
From the Blogosphere

Congratulations and thank you to the winners and participants of the DocuSign Hackathon! I wanted to do a postmortem and share some of my observations. Let’s examine the characteristics of the successful teams...
A few years ago, a gentleman created a video showing how quickly an unpatched, unprotected Windows XP machine was infected once connected to the public Internet (the linked video is worth a watch, and is short). That video took the business community pretty much by storm, but was old n...
First-Ever eSignature Hackathon Awards $25,000 in Cash Prizes to Innovative Apps with Integrations on the DocuSign Application Programming Interface (API) We’re excited to announce the winners of the first-ever ESIGN Hackathon! Following 35 non-stop hours of heated competition, D...
Cloud and security still take top billing in many discussions today, perhaps because of the nebulous nature of the topic. If we break down security concerns in a public cloud computing environment we can separate them into three distinct categories of risk – the infrastructure, the app...
A few years ago, Washington D.C.’s Metropolitan Police Department revolutionized its patrols, the backbone of law enforcement, by installing laptops into squad cars, allowing officers to have true two-way communication with dispatchers, keep track of other calls and incidents in ...
Just kidding…partially. Have you seen the latest 2011 Verizon Data Breach Investigations Report? It is chock full of data about breaches, vulnerabilities, industry demographics, threats and all the other internet security terms that make the headlines. It is an interesting view into...
Wednesday morning I received new photographs of Sofia from the State Department in Washington, DC. Sofia remains in Syria since being abducted in July 2010. The day after my last tweet regarding the lack of any new information about my abducted daughter Sofia since March 4, I received ...
It has been a while since I wrote a Load Balancing for Developers installment, and since they’re pretty popular and there’s still a lot about Application Delivery Controllers (ADCs) that are taken for granted in the Networking industry but relatively unknown in the development world, I...
Note: While talking about this post with Lori during a break, it occurred to me that you might be thinking I meant “MS Windows”. Not this time, but that gives me another blog idea… And I’ll sneak in the windows –> Windows simile somewhere, no doubt. Did you ever ponder the history of ...
As part of federal CIO Vivek Kundra’s 25-point plan to reform federal IT management announced last December, federal agencies must adopt a “cloud-first” policy that requires them to move three applications to the “cloud” over the next 12 to 18 months. Agencies must identify the three “...
As we’ve seen with some of the recent high profile internet attacks, like HBGary, RSA, Google, Comodo and others, no one is immune from being a target and the perpetrators are exceedingly organized, exceptionally skilled and extremely well-funded. Often, the culprits might be better tr...
Last year I embarked on a blog series, lead by my trusty advisor CloudFucius, that evolved into an exploration of the numerous cloud computing surveys, reports, statistics and other feelings about the technology. At the time, 4-5 surveys a week were being released covering some aspect...
I read an article that lays out how to ensure your data is protected when you’re running IT on the Cloud. It brought up a few good points that I think can be added upon. For one, it urges organizations to select service options such as performance and capacity levels that best suit t...
Lack of data security is often due to corporate culture and the fear of change. Unfortunately, there are executives who believe IT security will hinder users’ business productivity. However, a culture of data security is not one that limits the ability to succeed in business, but one t...
Last week (see part 1, part 2 and part 3 here) we saw that a proper Log Management tool is a powerful tool to catch the bad guys. Advertise your use of such a tool and you will send a clear signal to would-be attackers that they will be caught, which will act as a powerful deterrent, ...
Denial-of-Service attacks are nothing new, and they’ve been a thorn in the side of data center managers and IT staff for decades now. For most organizations a decade ago, DOS attacks were often little more than an annoyance, and meant restricted email or Internet access for a short tim...
comScore always has some very interesting statistics when measuring the digital world and these recent reports are no different. The 2010 U.S. Digital Year in Review has great info both in understanding media trends and knowing what the end user is actually doing out there. The 2010 ...
Let’s review why logs are such a popular and powerful tool when performing forensics, and how to insure that investigators are working from a clean stream of data. Logs used in forensics have several distinct advantages. First, logs can be used not only to solve the IT crime, but als...
To ensure our customers continue to trust DocuSign for the fastest, easiest, most secure way to get a signature, it’s important that we put further safeguards in place to protect our multi-tenant data centers. While you have probably already heard through our webinars and certification...
The London Stock Exchange, Android phones and even the impenetrable Mac have all been malware targets recently. If you’re connected to the internet, you are at risk. It is no surprise that the crooks will go after whatever device people are using to conduct their life – mobile for ex...
One of the key questions which comes up in API Management is about which authentication scheme to use. Gunnar Peterson has written, in a different context, about the benefit to the security architect of providing a menu of authentication schemes to use. Some clients are limited by what...
Last week, General Alexander (director of NSA and commander, USCYBERCOM) spoke at the RSA conference in San Francisco. He pointed out the the explosion of technology over the past 10 years. That users went from an average of 250MB of personal files, to over 128GB. The fact that 70% of ...

The claim a company is not a “true security company” because they don’t focus solely on security products is a red herring.

Feb. 28, 2011 05:48 AM EST  Reads: 7,044

I had a great time in San Francisco last week seeing and interviewing many of our security partners. Special thanks goes out to Jerry Skurla and Kara Hutchins of NitroSecurity, Chris Poulin with Q1 Labs, Jeremiah Grossman of WhiteHat Security, F5’s Andy Oehler, Benny Czarny and Steven...
In Part 1 we saw that Defensive Security is not enough to solve the $1 trillion Intellectual Property and IT theft and cybercrime problem. This week, more about Preventive Security. Preventive Security is a set of technologies and processes used to prevent security incidents from eve...
Recognizing the relationship between and subsequently addressing the three core operational risks in the data center will result in a stronger operational posture. Risk is not a synonym for lack of security. Neither is managing risk a euphemism for information security. Risk – especia...
Security concerns about the public cloud have always been a top priority here at CloudSwitch. Moving to the public cloud is fraught with potential risks and security managers have legitimate concerns about data integrity, an opaque security model in the cloud and unauthorized access by...
I, among many other F5ers will be in San Francisco next week attending the RSA Conference at Moscone Center. I’ll be visiting with and interviewing many of our security partners like Splunk, PhoneFactor, Q1 Labs, WhiteHat Security, OPSWAT and others. If you are a partner or customer ...
I love starting blogs with, ‘Remember when…’ and this is no different. Remember when, we used to receive our television programming over the air via an antenna? Many still do but the days of seeing a huge pointy metal object perched on top of a house are dwindling. (That would actua...
Last week, we saw that Defensive Security is not enough to solve the $1 trillion Intellectual Property and IT theft and cybercrime problem. This week, more about Preventive Security. Preventive Security is a set of technologies and processes used to prevent security incidents from ev...
I got a request yesterday morning to asking if there was a way to drop HTTP requests if a certain number was referenced in the Accept-Language header. The user referenced this post on Exploring Binary. The number, 2.2250738585072012e-308, causes the Java runtime and compiler to go int...
It's hard to plan any strategy for business and the IT forces that drive it, if the continuity of those services is suspect. Social media and the accelerating uses of mobile devices and networks are only adding more questions to the daunting issues around privacy and access. And, the W...
I'm in the process of getting the Boston chapter of the Cloud Security Alliance started. I'm just waiting for the "paperwork" to go through, but I'm really excited about what I'm hearing from customers about the cloud. Coming from Oracle, you get a bit of the "Larry Hates the Cloud" mi...
Over the next few posts, we’ll investigate how the expression “An ounce of prevention is worth a pound of cure” could also be applied to the IT world, and what are the tools to foster such prevention through behavior modification. When looking at IT security, it seems that most of the...
Indeed, the Signature Mortgage story was so compelling, that Bob was invited to also share the stage with two of IBM’s corporate clients during Sean Poulley’s strategy session in the morning, as well as participate in an analyst panel discussion on cloud computing later in the day. I ...
I am thrilled to announce that Silanis has been awarded the “Best in Business Transformation Through Cloud Computing” accolade at Lotusphere 2011, in addition to becoming a finalist in the “Industry Business Value” category! Silanis was chosen amongst hundreds of application from arou...
This week, Facebook fell victim to hackers who managed to deface Mark Zuckerberg’s page, no doubt earning the perpetrators tremendous props within their own social community. Facebook quickly closed the door on that particular exploit, but by then of course the Internets were abuzz and...
On the day when the Dow Jones Industrial Average topped 12,000 for the first time since June 2008, it was impossible not to correlate the eloquence and optimism of President Obama's "State of the Union" speech on Tuesday night with the restoration of a sense of perspective and hope in ...
A DDoS is an attack that consumes the resources of the target machine so that that machine is not able to respond, Hal says. It is an old problem: there was a CERT Advisory about an IP spoofing attack in 1996. A distributed DoS attack uses lots of machines to attack the host, typically...
In the communications profession we find two categories of people. Those who are well known, show up at the best conferences, events, and parties – and those who spend their careers behind the scenes doing the heavy lifting of planning, construction, installation, and operations. Ken...


ADS BY GOOGLE