by John Pescatore | October 25, 2011
Within weeks of the first telegraph, DoS, MitM and phishing messages were commonplace.
by John Pescatore | October 18, 2011
Supporting more than just Blackberries for email raises support cost and security.
by John Pescatore | September 27, 2011
Increasingly distributed/complex NGFW/IPS: netsec policy more dimensions than quantum physics.
by John Pescatore | September 22, 2011
Jim Crow: You wanna make the elephant fly, don’t ya? Well, you gotta use a lot of ‘chology. You know, *psy*-chology. Now here’s what you do. First, you’ll uh… Jim Crow: [all the crows whisper] Jim Crow: And then right after that, you’ll uh… [whispers continue] Jim Crow: [plucks a feather from the youngest crow’s […]
by John Pescatore | September 20, 2011
iPhones/iPads are a hurricane. Business demanding heterogeneous devices is climate change.
Twelve Word Tuesday: Forcing Standard Cloud Processes on Custom Business Problems Leads to New Vulnerabilities
by John Pescatore | September 13, 2011
Square pegs jammed into round holes leads to leaks and exposures galore.
by John Pescatore | August 9, 2011
Web-site vulnerabilities: hacker’s low-hanging fruit – don’t leave a ladder against the tree.
by John Pescatore | August 5, 2011
I’ve done a lot of calls this year with Gartner clients reviewing and updating their DMZ designs. As I pointed out here, not a lot of “de-perimieterization” going on – and for the usual good reasons. Most of the redesigns are adjustments for dealing with virtualization in the data center or in changing patterns of […]
by John Pescatore | August 4, 2011
I grew up in Long Island, New York and pretty much took it for granted that when you flushed the toilet, the waste products went down a pipe out the front of your house to a bigger pipe where professionals handled it all from there. When I moved to Maryland and bought a house, I […]
by John Pescatore | August 3, 2011
Back in early late 1990’s and early 2000’s, penetration testing got a bad name. Mostly because there were a lot of small security consulting firms sprouting up and offering penetration tests for $500 or less, and these pen tests weren’t all that much different than what more established firms had charging tens of thousands of […]