Neil MacDonald

A member of the Gartner Blog Network

Entries Tagged as 'Defense-in-Depth'


Apple’s iOS 7 is a Significant Step Forward

by Neil MacDonald  |  August 14, 2013  |  2 Comments

From a security perspective, I’ve been keeping a close eye on iOS and Android. From what I’ve seen so far, iOS 7 is a significant step forward. To get deeper insight into the changes, I’ve asked my colleague, Gartner VP and Distinguished Analyst Ken Dulaney, to provide a guest post. Here’s what Ken has [...]

Category: Mobile security

Virtualization, Containers and Other Sandboxing Techniques Should be on Your Radar Screen

by Neil MacDonald  |  March 16, 2013  |  Comments Off

The idea of “sandboxing” potentially malicious content and applications isn’t new, but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization and abstraction techniques available on Windows creates isolation that can be used to provide security separation – aka “sandboxing”. Given the innovation around virtualization techniques [...]

Category: Beyond Anti-Virus, Endpoint Protection Platform, Next-generation Security Infrastructure, Virtualization, Virtualization Security

This Just In: Signature-based Protection Ineffective Against Targeted Attacks

by Neil MacDonald  |  January 31, 2013  |  1 Comment

Seriously, is anyone surprised? I’m sure you’ve seen the news about Chinese infiltration at the New York Times: http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html According to the article: Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products made by Symantec — found only one instance in which Symantec [...]

Category: Beyond Anti-Virus, Endpoint Protection Platform

Virtual Firewalls or Physical? Wrong Question.

by Neil MacDonald  |  November 5, 2012  |  2 Comments

I still see people getting bogged down in rather meaningless arguments as to whether or not firewalls will be virtualized. They will (and, in fact, are). The bigger trend is the shift from proprietary hardware to software running on commodity hardware (in almost all cases, x86). That’s the big shift. Whether or not a given [...]

Category: Cloud, Cloud Security, Next-generation Security Infrastructure, Virtualization, Virtualization Security

What the Most Recent Zero Day in IE Should Teach Us

by Neil MacDonald  |  September 22, 2012  |  Comments Off

I saw yesterday that Microsoft had released the out-of-band patch for Internet Explorer as they had committed to do. Certainly, Microsoft’s motivation to quickly release the patch out of band was affected by calls from various enterprises and governments to ban the use of IE until the issue was resolved. What can [...]

Category: Microsoft, Microsoft Security, Windows 7, Windows 8

Is Antivirus Obsolete?

by Neil MacDonald  |  September 13, 2012  |  3 Comments

I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?” is wrong. AV hasn’t been AV for years. Gartner stopped calling the market “AV” back in 2006. Modern Endpoint Protection Platforms (EPP – the term [...]

Category: Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure, Windows 8

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil MacDonald  |  February 3, 2012  |  1 Comment

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I moderated on APTs, Dave Merkel from Mandiant put it best. “You are compromised, get over it”. Others in the US Government have come to the [...]

Category: Application Security, Beyond Anti-Virus, Cloud, Cloud Security, Next-generation Security Infrastructure, Security Intelligence

DevOps Needs to Become DevOpsSec

by Neil MacDonald  |  January 17, 2012  |  Comments Off

DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT. Breakdowns in communications and processes across development, operations and security [...]

Category: Application Security, Next-generation Security Infrastructure

Data Loss Prevention Needs to Evolve

by Neil MacDonald  |  October 11, 2011  |  1 Comment

Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]

Category: Information Security, Next-generation Security Infrastructure, Security Intelligence

Does Protecting Desktops Require a Different Vendor/Product than Protecting Servers?

by Neil MacDonald  |  September 29, 2011  |  2 Comments

I’ve made it a point over the past 6 months to ask clients if they are combining their endpoint protection platform contracts across desktops, laptops and servers. In most cases (about 75%), the answer is yes – contracts are being combined in order to reduce complexity and costs. Is protecting a desktop different than a [...]

Category: Beyond Anti-Virus, Endpoint Protection Platform, Next-generation Security Infrastructure