Gartner Blog Network

Category: 'security-intelligence' Blog Posts

from the Gartner Blog Network

Information Security and Big Data–Hype or Hope?

by Neil Macdonald  |  May 22, 2012

I been a proponent of the use of big data analytics techniques being applied to the next-generation of information security problems. Is there bound to be hype? Absolutely. That’s why...

Read more »

Getting Ready for Gartner’s 2012 Infrastructure & Operations and Information Security Summits

by Neil Macdonald  |  May 21, 2012

I’ve been absent from my typical blogging routine getting my material finalized for two Gartner upcoming US-based summits in June 2012. The first is Gartner’s Infrastructure and Operations Management Summit...

Read more »

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil Macdonald  |  February 3, 2012

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I...

Read more »

Interactive Application Security Testing

by Neil Macdonald  |  January 30, 2012

Dynamic Application Security Testing (DAST) solutions test applications from the “outside in” to detect security vulnerabilities. In contrast, Static Application Security Testing (SAST) solutions test applications from the “inside out”...

Read more »

Link Web Application Firewalls to Dynamic Application SecurityTesting Tools

by Neil Macdonald  |  January 9, 2012

I called this a “security no brainer” years ago and the advice is absolutely still relevant today. In Gartner’s latest Magic Quadrant for Dynamic Application Security Testing (DAST) solutions for...

Read more »

Next-gen Context Aware Intrusion Prevention

by Neil Macdonald  |  October 13, 2011

Context-aware security is the use of supplemental information to improve security decisions at the time the decision is made. The goal? More-accurate security decisions capable of supporting more-dynamic business and...

Read more »

Data Loss Prevention Needs to Evolve

by Neil Macdonald  |  October 11, 2011

Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to...

Read more »

Security Thought for Thursday: We are Overspending on Traditional Security Controls

by Neil Macdonald  |  July 14, 2011

We can’t secure everything equally, nor does everything need to be equally secured. What we need is a context-aware, risk-based view of where to focus our efforts where part of...

Read more »

Information Security is Becoming a Big Data Problem

by Neil Macdonald  |  April 12, 2011

We talk about the need for analytics and business intelligence to help the business make better business decisions, It is time to bring this same technology to the information security...

Read more »

NAC, DLP and Application Control: It’s About the Visibility, not the Control

by Neil Macdonald  |  March 9, 2011

Sitting here in the airport getting ready to fly back home, it occurred to me that all of these hyped technologies have had a critical shift in mindset over the...

Read more »