Gartner Blog Network

Tag: 'security-no-brainer' Blog Posts

from the Gartner Blog Network

Link Web Application Firewalls to Dynamic Application SecurityTesting Tools

by Neil Macdonald  |  January 9, 2012

I called this a “security no brainer” years ago and the advice is absolutely still relevant today. In Gartner’s latest Magic Quadrant for Dynamic Application Security Testing (DAST) solutions for...

Read more »

Data Loss Prevention Needs to Evolve

by Neil Macdonald  |  October 11, 2011

Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to...

Read more »

The Single Most Important Way to Improve Endpoint Security

by Neil Macdonald  |  August 23, 2011

Run more of your Windows users without administrator rights. I’ve talked about this several times before – including here, here and here. While it may not be feasible to remove...

Read more »

Improving Your 2011 Security Bang for the Buck Continued

by Neil Macdonald  |  January 6, 2011

In my previous post, I kicked off 2011 with a recommendation for improving your “security bang for the buck” or quick wins for information security in 2011 – increasing patching...

Read more »

Improving Your 2011 Security Bang for the Buck: Patching Depth and Breadth

by Neil Macdonald  |  January 4, 2011

I am back from the holidays and was responding to some comments on my previous blog post on antivirus technologies and the shift to endpoint protection platforms where one of...

Read more »

Free Stuff to Help run as Standard User

by Neil Macdonald  |  April 1, 2010

One of the constant recommendations in my research is to reduce your exposure to malware by running more users as standard user. I’ve talked about this issue here, here and...

Read more »

Google, IE, China and Zero Day Attacks: Three Lessons

by Neil Macdonald  |  January 18, 2010

We’ve got a team of analysts working on a broader event research note that will be published shortly. What I wanted to discuss here is “so what do I do...

Read more »

More Application Security Goodness From OWASP

by Neil Macdonald  |  January 14, 2010

I’ve written before about OWASP and the guidance they provide to organizations looking to improve application security. One of the best practices for improving application security is to ensure that...

Read more »

Security No-Brainer #9: Application Vulnerability Scanners Should Communicate with Application Firewalls

by Neil Macdonald  |  August 19, 2009

If a web application security testing tool tells me I have a vulnerability in an application, what do I do? “Fix it” is the right answer, but not always so...

Read more »

Security No-Brainer #8: Run Users As Standard User

by Neil Macdonald  |  August 13, 2009

Mostly for legacy reasons, many of us continue to run users with administrative privileges on their Windows workstations. Running as standard user reduces exposure to malware by preventing users from...

Read more »