Neil MacDonald

A member of the Gartner Blog Network

Entries Categorized as 'Security Intelligence'


Information Security and Big Data–Hype or Hope?

by Neil MacDonald  |  May 22, 2012  |  6 Comments

I've been a proponent of applying big data analytics techniques to the next generation of information security problems. Is there bound to be hype? Absolutely. That’s why Gartner publishes a large number of technology hype cycles each year. Technologies invariably get overhyped, fall into the “Trough of Disillusionment” and ultimately assume an […]

Category: Beyond Anti-Virus, Big Data and Information Security, Next-generation Security Infrastructure, Security Intelligence

Getting Ready for Gartner’s 2012 Infrastructure & Operations and Information Security Summits

by Neil MacDonald  |  May 21, 2012  |  Comments Off

I’ve been absent from my typical blogging routine getting my material finalized for two upcoming US-based Gartner summits in June 2012. The first is Gartner’s Infrastructure and Operations Management Summit being held in Orlando the week of June 4th. This conference is focused on infrastructure and operations solutions for managing desktops, servers, and mobile devices […]

Category: Application Security, Beyond Anti-Virus, Big Data and Information Security, Cloud Security, Information Security, Next-generation Security Infrastructure, Security Intelligence, Virtualization Security

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil MacDonald  |  February 3, 2012  |  1 Comment

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I moderated on APTs, Dave Merkel from Mandiant put it best. “You are compromised, get over it”. Others in the US Government have come to the […]

Category: Application Security, Beyond Anti-Virus, Cloud, Cloud Security, Next-generation Security Infrastructure, Security Intelligence

Interactive Application Security Testing

by Neil MacDonald  |  January 30, 2012  |  8 Comments

Dynamic Application Security Testing (DAST) solutions test applications from the “outside in” to detect security vulnerabilities. In contrast, Static Application Security Testing (SAST) solutions test applications from the “inside out” by looking at source code, byte code or binaries. Both approaches have their pros and cons and, until recently, the market for these tools has […]

Category: Application Security, Security Intelligence

Link Web Application Firewalls to Dynamic Application Security Testing Tools

by Neil MacDonald  |  January 9, 2012  |  6 Comments

I called this a “security no brainer” years ago and the advice is absolutely still relevant today. In Gartner’s latest Magic Quadrant for Dynamic Application Security Testing (DAST) solutions for clients, one of the evaluation criteria we looked at was whether or not the vulnerability knowledge of the DAST solution could be exported and used […]

Category: Application Security, Security Intelligence

Next-gen Context Aware Intrusion Prevention

by Neil MacDonald  |  October 13, 2011  |  Comments Off

Context-aware security is the use of supplemental information to improve security decisions at the time the decision is made. The goal? More-accurate security decisions capable of supporting more-dynamic business and IT environments as well as providing better protection against advanced threats. In this 2010 research note that provided a definition and framework for understanding context-aware […]

Category: Next-generation Security Infrastructure, Security Intelligence

Data Loss Prevention Needs to Evolve

by Neil MacDonald  |  October 11, 2011  |  1 Comment

Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I […]

Category: Information Security, Next-generation Security Infrastructure, Security Intelligence

Security Thought for Thursday: We are Overspending on Traditional Security Controls

by Neil MacDonald  |  July 14, 2011  |  Comments Off

We can’t secure everything equally, nor does everything need to be equally secured. What we need is a context-aware, risk-based view of where to focus our efforts, where part of the context is the business value and sensitivity of the asset we are protecting.

Category: Information Security, Security Intelligence

Information Security is Becoming a Big Data Problem

by Neil MacDonald  |  April 12, 2011  |  Comments Off

We talk about the need for analytics and business intelligence to help the business make better business decisions. It is time to bring this same technology to the information security department. What we need is actionable, prioritized and risk-based insight from this sea of information. I’ll take it a bit further. There are some emerging […]

Category: Cloud Security, Next-generation Security Infrastructure, Security Intelligence

NAC, DLP and Application Control: It’s About the Visibility, not the Control

by Neil MacDonald  |  March 9, 2011  |  Comments Off

Sitting here in the airport getting ready to fly back home, it occurred to me that all of these hyped technologies have had a critical shift in mindset over the past several years. Each of these technologies was originally touted with their ability to block and control “bad things” from happening. With NAC, this entailed […]

Category: Beyond Anti-Virus, Endpoint Protection Platform, Security Intelligence