Entries Tagged as 'Defense-in-Depth'
by Neil MacDonald | March 16, 2013 | Comments Off
The idea of “sandboxing” potentially malicious content and applications isn’t new but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization and abstraction techniques available on Windows create isolation that can be used to provide security separation – aka “sandboxing”. Given the innovation around virtualization techniques [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Next-generation Security Infrastructure, Virtualization, Virtualization Security | Tags: APTs, Beyond Anti-Virus, Browser Security, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Virtualization, Virtualization Security, Whitelisting, Windows
by Neil MacDonald | January 31, 2013 | 1 Comment
Seriously, is anyone surprised? I’m sure you’ve seen the news about Chinese infiltration at the New York Times: http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html According to the article: Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products made by Symantec — found only one instance in which Symantec [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform | Tags: APTs, Best Practices, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Whitelisting
by Neil MacDonald | November 5, 2012 | 2 Comments
I still see people getting bogged down in rather meaningless arguments as to whether or not firewalls will be virtualized. They will (and, in fact, are). The bigger trend is the shift from proprietary hardware to software running on commodity hardware (in almost all cases, x86). That’s the big shift. Whether or not a given [...]
Category: Cloud, Cloud Security, Next-generation Security Infrastructure, Virtualization, Virtualization Security | Tags: Adaptive Security Infrastucture, Best Practices, Defense-in-Depth, Next-generation Security Infrastructure, Software Defined Security, Virtual Appliances, Virtualization Security, VMware
by Neil MacDonald | September 22, 2012 | Comments Off
I saw yesterday that Microsoft had released the out of band patch for Internet Explorer as they had committed to do. Certainly, Microsoft’s motivation to quickly release the patch out of band was affected by calls from various enterprises and governments to ban the use of IE until the issue was resolved. What can [...]
Category: Microsoft, Microsoft Security, Windows 7, Windows 8 | Tags: Browser Security, Defense-in-Depth, Microsoft, Microsoft Security, Windows
by Neil MacDonald | September 13, 2012 | 3 Comments
I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?” is wrong. AV hasn’t been AV for years. Gartner stopped calling the market “AV” back in 2006. Modern Endpoint Protection Platforms (EPP – the term [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure, Windows 8 | Tags: Adaptive Security Infrastucture, Apple, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Information Security, Microsoft, Microsoft Security, Windows
by Neil MacDonald | February 3, 2012 | 1 Comment
I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I moderated on APTs, Dave Merkel from Mandiant put it best. “You are compromised, get over it”. Others in the US Government have come to the [...]
Category: Application Security, Beyond Anti-Virus, Cloud, Cloud Security, Next-generation Security Infrastructure, Security Intelligence | Tags: Adaptive Security Infrastucture, Application Security, Best Practices, Beyond Anti-Virus, Cloud Security, Context-aware Security, DC-Summit-NA, Defense-in-Depth, DevOpsSec, Next-generation Security Infrastructure
by Neil MacDonald | January 17, 2012 | Comments Off
DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT. Breakdowns in communications and processes across development, operations and security [...]
Category: Application Security, Next-generation Security Infrastructure | Tags: Adaptive Security Infrastucture, application security testing tools, Defense-in-Depth, DevOpsSec, Next-generation Data Center, Next-generation Security Infrastructure, Security-Summit-NA
by Neil MacDonald | October 11, 2011 | 1 Comment
Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]
Category: Information Security, Next-generation Security Infrastructure, Security Intelligence | Tags: Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security No-Brainer
by Neil MacDonald | September 29, 2011 | 2 Comments
I’ve made it a point over the past 6 months to ask clients if they are combining their endpoint protection platform contracts across desktops, laptops and servers. In most cases (about 75%), the answer is yes – contracts are being combined in order to reduce complexity and costs. Is protecting a desktop different than a [...]
Category: Beyond Anti-Virus, Endpoint Protection Platform, Next-generation Security Infrastructure | Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Next-generation Security Infrastructure, Reducing Complexity, Reducing Cost, Windows
by Neil MacDonald | September 28, 2011 | 1 Comment
I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended Microsoft’s recent BUILD conference for developers where Windows 8 made its first official appearance. You can see my real-time tweets and [...]
Category: Beyond Anti-Virus, Information Security, Microsoft Security, Windows 7 | Tags: Apple, Beyond Anti-Virus, Defense-in-Depth, Information Security, Microsoft, Microsoft Security, Whitelisting, Windows