Gartner Blog Network

Tag: 'defense-in-depth' Blog Posts

from the Gartner Blog Network

Apple’s iOS 7 is a Significant Step Forward

by Neil Macdonald  |  August 14, 2013

From a security perspective, I’ve been keeping a close eye on iOS and Android. From what I’ve seen so far, iOS 7 is a significant step forward. To get deeper...

Read more »

Virtualization, Containers and Other Sandboxing Techniques Should be on Your Radar Screen

by Neil Macdonald  |  March 16, 2013

  The idea of “sandboxing” potentially malicious content and applications isn’t new but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization...

Read more »

This Just In: Signature-based Protection Ineffective Against Targeted Attacks

by Neil Macdonald  |  January 31, 2013

  Seriously, is anyone surprised? I’m sure you’ve seen the news about Chinese infiltration at the New York Times: http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html According to the article: Over the course of three months,...

Read more »

Virtual Firewalls or Physical? Wrong Question.

by Neil Macdonald  |  November 5, 2012

I still see people getting bogged down in rather meaningless arguments as to whether or not firewalls will be virtualized. They will (and, in fact, are). The bigger trend is...

Read more »

What the Most Recent Zero Day in IE Should Teach Us

by Neil Macdonald  |  September 22, 2012

  I saw yesterday that Microsoft had released the out of band patch for Internet Explorer as they had committed to do. Certainly, Microsoft’s motivation to quickly release the patch...

Read more »

Is Antivirus Obsolete?

by Neil Macdonald  |  September 13, 2012

I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?”...

Read more »

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil Macdonald  |  February 3, 2012

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I...

Read more »

DevOps Needs to Become DevOpsSec

by Neil Macdonald  |  January 17, 2012

DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision...

Read more »

Data Loss Prevention Needs to Evolve

by Neil Macdonald  |  October 11, 2011

Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to...

Read more »

Does Protecting Desktops Require a Different Vendor/Product than Protecting Servers?

by Neil Macdonald  |  September 29, 2011

I’ve made it a point over the past 6 months to ask clients if they are combining their endpoint protection platform contracts across desktops, laptops and servers. In most cases...

Read more »