Archives for September, 2010
by Neil MacDonald | September 28, 2010 | Comments Off
I work with clients daily on how to change their development (and procurement) processes to product more secure code. I wrote in this blog, that application security cannot be solved with technology alone, yet I still run into organizations trying to solve their application security problems with the purchase of a static or dynamic application [...]
Category: Application Security Tags: Application Security, application security testing tools, Best Practices, Maturity Models, Microsoft
by Neil MacDonald | September 24, 2010 | Comments Off
Microsoft Security Essentials (MSE) is a free consumer offering originally delivered to market in 2009 based on the same engine and anti-malware feeds that are used within Microsoft’s for-fee enterprise-oriented Forefront Endpoint Protection (FEP). I saw this announcement from Microsoft earlier in the week. From the announcement: For this reason, Microsoft is announcing that beginning [...]
Category: Endpoint Protection Platform Microsoft Microsoft Security Tags: Endpoint Protection Platform, Microsoft, Microsoft Security, Reducing Cost, Windows
by Neil MacDonald | September 22, 2010 | 11 Comments
Migrating from IE6 to IE8 is not easy because of legacy web-enabled applications that don’t render correctly on IE8 and vendors that are slow to officially support it. There are a variety of ways to virtualize IE6 to help with this issue, including using application virtualization tools. I originally wrote about the potential issues using [...]
Category: Microsoft Microsoft Security Virtualization Tags: Microsoft, Microsoft Security, Virtualization, Windows
by Neil MacDonald | September 21, 2010 | Comments Off
I’m here at the midsized enterprise summit in San Antonio. Earlier today, I presented on the same theme I will be presenting on at Gartner’s US Fall Symposium – the evolution of information security to address the security needs of private and public cloud-based services. In addition to the virtualization of security controls, one of [...]
Category: Cloud Security Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, Cloud Security, Next-generation Data Center, Next-generation Security Infrastructure, Reducing Complexity, Virtualization Security
by Neil MacDonald | September 16, 2010 | 6 Comments
Earlier this week, I saw this article describing a security breach by an internal Google employee where a site reliability engineer (now fired) had violated the privacy of multiple email accounts. From the article: Barksdale’s intrusion into Gmail and Gtalk accounts may have escaped notice, since SREs are responsible for troubleshooting issues on a constant [...]
Category: Cloud Cloud Security Next-generation Data Center Virtualization Security Tags: Best Practices, Cloud Security, Information Security, Next-generation Security Infrastructure, Virtualization Security
by Neil MacDonald | September 13, 2010 | Comments Off
I was part of the Gartner team that published our First Take on the Intel acquisition of McAfee. Talking with financial analysts, there’s the immediate value of revenue diversification and McAfee’s gross margins are accretive to Intel. But there’s more here than meets the eye. I’ve been around the IT industry a while and there [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Next-generation Security Infrastructure Virtualization Security Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure, Reducing Complexity, Virtualization Security, VMsafe, VMware, Whitelisting
by Neil MacDonald | September 10, 2010 | 1 Comment
Our mobile analysts are working on the official Gartner analysis of the announcement and I’ll link to this when it becomes available. As Gartner’s primary analyst on Microsoft, I interviewed Stephen at Gartner’s US Fall Symposium last fall. Over the past several years, I’ve gotten to know Stephen Elop pretty well. He is a great [...]
Category: General Technology Microsoft Tags: Microsoft
by Neil MacDonald | September 9, 2010 | 7 Comments
I’ve written multiple times on the power of whitelisting (default deny) for applications running on end-user workstations and servers. I am convinced that whitelisting should be foundational in our strategy for securing endpoints. So far, the application control vendors have focused on whitelisting what applications are allowed to run. This is straightforward in concept, but [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Tags: Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure, Whitelisting
