Neil MacDonald

A member of the Gartner Blog Network

Entries Tagged as 'APTs'


Virtualization, Containers and Other Sandboxing Techniques Should be on Your Radar Screen

by Neil MacDonald  |  March 16, 2013  |  Comments Off

The idea of “sandboxing” potentially malicious content and applications isn’t new, but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization and abstraction techniques available on Windows creates isolation that can be used to provide security separation – aka “sandboxing”. Given the innovation around virtualization techniques [...]


Category: Beyond Anti-Virus, Endpoint Protection Platform, Next-generation Security Infrastructure, Virtualization, Virtualization Security

This Just In: Signature-based Protection Ineffective Against Targeted Attacks

by Neil MacDonald  |  January 31, 2013  |  1 Comment

  Seriously, is anyone surprised? I’m sure you’ve seen the news about Chinese infiltration at the New York Times: http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html According to the article: Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products made by Symantec — found only one instance in which Symantec [...]


Category: Beyond Anti-Virus, Endpoint Protection Platform

Sand Castles and Advanced Persistent Threats

by Neil MacDonald  |  July 11, 2011  |  Comments Off

I’ve been absent from blogging for 2 weeks – first we had the Gartner Information Security Summit in DC and then I took some time off for a much-needed vacation. We spent some time at Hilton Head Island in South Carolina. They’ve got a pretty amazing flat beach where the difference between high tide and [...]


Category: Beyond Anti-Virus, Information Security, Next-generation Security Infrastructure

Don’t Trust Your Servers

by Neil MacDonald  |  June 17, 2011  |  3 Comments

One of the toughest problems in information security is addressing advanced intrusions that have bypassed traditional security controls and now reside undetected on enterprise systems. With financially motivated attacks and state-sponsored “advanced persistent threats” both on the rise, intrusions can remain undetectable for extended periods of time. We have reached a point where our systems [...]


Category: Beyond Anti-Virus, Next-generation Security Infrastructure, Virtualization, Virtualization Security

Improving Security by Killing Server and Desktop Workloads

by Neil MacDonald  |  June 16, 2011  |  Comments Off

It sounds counterintuitive, but today’s advanced threat environment requires new approaches to the ongoing security and management of server and desktop workloads. The trouble with Advanced Persistent Threats is that, by definition, they have evaded our traditional network and endpoint security controls and now reside undetected in our IT Systems. How many advanced intrusions will [...]


Category: Beyond Anti-Virus, Next-generation Security Infrastructure, Virtualization, Virtualization Security