Entries Categorized as 'Next-generation Security Infrastructure'
by Neil MacDonald | February 3, 2012 | 1 Comment
I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I moderated on APTs, Dave Merkel from Mandiant put it best. “You are compromised, get over it”. Others in the US Government have come to the [...]
Category: Application Security Beyond Anti-Virus Cloud Cloud Security Next-generation Security Infrastructure Security Intelligence Tags: Adaptive Security Infrastucture, Application Security, Best Practices, Beyond Anti-Virus, Cloud Security, Context-aware Security, DC-Summit-NA, Defense-in-Depth, DevOpsSec, Next-generation Security Infrastructure
by Neil MacDonald | January 17, 2012 | Comments Off
DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT. Breakdowns in communications and processes across development, operations and security [...]
Category: Application Security Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, application security testing tools, Defense-in-Depth, DevOpsSec, Next-generation Data Center, Next-generation Security Infrastructure, Security-Summit-NA
by Neil MacDonald | December 9, 2011 | 1 Comment
I’m just back from Gartner’s US 2011 Data Center Summit held this week in Las Vegas. In my previous post, I talked about information security vendor’s concerns on the potential impact of the Eurozone crisis on information security spending. Here, I want to outline the top security-related issues and concerns that I discussed with attendees [...]
Category: Cloud Cloud Security Next-generation Data Center Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Cloud Security, GartnerDC, Hypervisor Security, Information Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtualization Security, vShield
by Neil MacDonald | October 24, 2011 | 1 Comment
Last week I attended Gartner’s US Symposium conference in Orlando. With 8,000+ attendees (25% of which were CIOs) and at least 1,000 more analysts, vendors and support staff, you can imagine it was quite a scene. In addition to three presentations, I had more than 30 fantastic one on ones with attendees over the four [...]
Category: Application Security Beyond Anti-Virus Cloud Cloud Security Information Security Microsoft Security Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Cloud Security, Context-aware Security, DC-Summit-NA, Endpoint Protection Platform, Information Security, Microsoft Security, symposium, Virtualization Security
by Neil MacDonald | October 13, 2011 | Comments Off
Context-aware security is the use of supplemental information to improve security decisions at the time the decision is made. The goal? More-accurate security decisions capable of supporting more-dynamic business and IT environments as well as providing better protection against advanced threats. In this 2010 research note that provided a definition and framework for understanding context-aware [...]
Category: Next-generation Security Infrastructure Security Intelligence Tags: Adaptive Security Infrastucture, Context-aware Security, Endpoint Protection Platform, Next-generation Security Infrastructure, symposium
by Neil MacDonald | October 11, 2011 | 1 Comment
Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]
Category: Information Security Next-generation Security Infrastructure Security Intelligence Tags: Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security No-Brainer
by Neil MacDonald | September 29, 2011 | 2 Comments
I’ve made it a point over the past 6 months to ask clients if they are combining their endpoint protection platform contracts across desktops, laptops and servers. In most cases (about 75%), the answer is yes – contracts are being combined in order to reduce complexity and costs. Is protecting a desktop different than a [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Next-generation Security Infrastructure, Reducing Complexity, Reducing Cost, Windows
by Neil MacDonald | August 27, 2011 | Comments Off
VMware quietly disclosed it has acquired PacketMotion in this recent blog post by Dean Coza of VMware. We identified PacketMotion as a cool vendor in Gartner in this 2009 research for clients. Essentially, PacketMotion uses standard Intel-based hardware appliances (as well as a virtualized probe implementation that runs inside of virtualized environments) to deliver full [...]
Category: Next-generation Security Infrastructure Virtualization Security Tags: Adaptive Security Infrastucture, Context-aware Security, Next-generation Data Center, Next-generation Security Infrastructure, VMware, vShield, vSphere
by Neil MacDonald | August 24, 2011 | 1 Comment
As I research into the future of adaptive security infrastructure, I am convinced that the future of information security lies in software, not hardware. If you think about it for a bit, most of information security policy enforcement is in the form of software already – it’s just embodied (entombed?) in physical hardware. Unfortunately, the [...]
Category: Cloud Cloud Security Next-generation Security Infrastructure Virtualization Security Tags: Adaptive Security Infrastucture, Cloud Security, Context-aware Security, Next-generation Data Center, Next-generation Security Infrastructure, Virtual Appliances, Virtualization Security
by Neil MacDonald | July 11, 2011 | Comments Off
I’ve been absent from blogging for 2 weeks – first we had the Gartner Information Security Summit in DC and then I took some time off for a much-needed vacation. We spent some time at Hilton Head Island in South Carolina. They’ve got a pretty amazing flat beach where the difference between high tide and [...]
Category: Beyond Anti-Virus Information Security Next-generation Security Infrastructure Tags: APTs, Beyond Anti-Virus, Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security-Summit-NA, Systematic Workload Reprovisioning
