Neil MacDonald

A member of the Gartner Blog Network

Archives for January, 2011


Yes, Hypervisors Are Vulnerable.

by Neil MacDonald  |  January 26, 2011  |  5 Comments

In one of my first posts as a blogger nearly 2 years ago, I discussed the potential for disaster if a compromise in the virtualization platform (hypervisor/VMM) occurred. Last year (I was intending to comment on this at the time, but it slipped my mind), I was reading the IBM X-Force 2010 Mid-Year Trend and [...]

5 Comments »

Category: Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , , , , , , , ,

100% Prevention is a Fallacy. Lockdown is a Flawed Strategy

by Neil MacDonald  |  January 25, 2011  |  Comments Off

I’ve commented before that complete protection is a combination of prevention and detection and that we’ve been far too focused on the prevention side of the equation trying to prevent all malware and infections. We simply cannot stop all of the bad guys. Period. You will be and already have been breached. One of the [...]

Comments Off

Category: Beyond Anti-Virus Next-generation Security Infrastructure Virtualization Security     Tags: , , , , ,

Identifying Browsers and Plugins That Might Represent a Risk

by Neil MacDonald  |  January 21, 2011  |  Comments Off

In my kick off post for 2011, I talked about the need for IT to expand the depth and breadth of patching. In the follow-on post, I talked about the need to migrate more users to run with standard user (and not administrative level) privileges. One of the challenges to both of these actions is [...]

Comments Off

Category: Application Security Information Security Microsoft Microsoft Security Windows 7     Tags: , , , , , ,

Static or Dynamic Application Security Testing? Both!

by Neil MacDonald  |  January 19, 2011  |  6 Comments

Static application security testing (SAST) can be thought of as testing the application from the inside out – by examining its source code, byte code or application binaries for conditions indicative of a security vulnerability. Dynamic application security testing (DAST) can be thought of as testing the application from the outside in – by examining [...]

6 Comments »

Category: Application Security Applications     Tags: , , ,

Multi-tenancy Doesn’t Have to be bad for Security

by Neil MacDonald  |  January 14, 2011  |  2 Comments

One of the reasons that security tops the list of inhibitors for the adoption of public cloud computing is the concern around the use of multi-tenant infrastructure and applications. However, I believe the concerns are often overblown. Everything is multi-tenant at some level. For example, we all share the same planet and the same air. [...]

2 Comments »

Category: Cloud Cloud Security Next-generation Security Infrastructure Virtualization Virtualization Security     Tags: , ,

Improving Your 2011 Security Bang for the Buck Continued

by Neil MacDonald  |  January 6, 2011  |  Comments Off

In my previous post, I kicked off 2011 with a recommendation for improving your “security bang for the buck” or quick wins for information security in 2011 – increasing patching breadth and depth. Here’s a few more to consider in 2011: In a response to this post on the value (or lack thereof) of antivirus [...]

Comments Off

Category: Beyond Anti-Virus Cloud Security Endpoint Protection Platform Windows 7     Tags: , , , , , , , ,

Improving Your 2011 Security Bang for the Buck: Patching Depth and Breadth

by Neil MacDonald  |  January 4, 2011  |  Comments Off

I am back from the holidays and was responding to some comments on my previous blog post on antivirus technologies and the shift to endpoint protection platforms where one of the readers had recommended disabling autorun on removable media for a quick win for information security. There are several things in information security that we [...]

Comments Off

Category: Application Security Beyond Anti-Virus Endpoint Protection Platform Information Security     Tags: , , , , , ,