Gartner Blog Network

Category: 'application-security' Blog Posts

Getting Ready for Gartner’s 2012 Infrastructure & Operations and Information Security Summits

by Neil Macdonald  |  May 21, 2012

I’ve been absent from my typical blogging routine getting my material finalized for two upcoming US-based Gartner summits in June 2012. The first is Gartner’s Infrastructure and Operations Management Summit...

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil Macdonald  |  February 3, 2012

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I...

Interactive Application Security Testing

by Neil Macdonald  |  January 30, 2012

Dynamic Application Security Testing (DAST) solutions test applications from the “outside in” to detect security vulnerabilities. In contrast, Static Application Security Testing (SAST) solutions test applications from the “inside out”...

DevOps Needs to Become DevOpsSec

by Neil Macdonald  |  January 17, 2012

DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision...

Link Web Application Firewalls to Dynamic Application Security Testing Tools

by Neil Macdonald  |  January 9, 2012

I called this a “security no brainer” years ago and the advice is absolutely still relevant today. In Gartner’s latest Magic Quadrant for Dynamic Application Security Testing (DAST) solutions for...

The Market for Dynamic Application Security Testing is Anything but Static

by Neil Macdonald  |  January 4, 2012

We’ve just published a new Magic Quadrant for Dynamic Application Security Testing (DAST) for Gartner clients. In Gartner research, we use the term DAST to refer to testing solutions and...

Security Observations from European Symposium

by Neil Macdonald  |  November 14, 2011

I spent the last week in Barcelona with 4,000+ attendees at the 2011 Gartner European Symposium. It was a new venue for Gartner (we were displaced from Cannes by the...

US Symposium Summary from a Security Perspective

by Neil Macdonald  |  October 24, 2011

Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can...

Protecting Intellectual Property in Source Code Requires a Two Prong Strategy

by Neil Macdonald  |  August 5, 2011

I had a discussion with a client today looking to protect sensitive intellectual property in their source code. I discussed two primary areas of risk: 1) that the developers (some...

Some Thoughts on RSA SecurID Risk

by Neil Macdonald  |  June 9, 2011

On 3 June 2011, RSA, the Security Division of EMC, confirmed that Lockheed Martin had proof that hackers attacked its network partly by using data stolen in a March 2011...
