Neil MacDonald

A member of the Gartner Blog Network

Entries Tagged as 'Security No-Brainer'


Link Web Application Firewalls to Dynamic Application SecurityTesting Tools

by Neil MacDonald  |  January 9, 2012  |  6 Comments

I called this a “security no brainer” years ago and the advice is absolutely still relevant today. In Gartner’s latest Magic Quadrant for Dynamic Application Security Testing (DAST) solutions for clients, one of the evaluation criteria we looked at was whether or not the vulnerability knowledge of the DAST solution could be exported and used [...]

6 Comments »

Category: Application Security Security Intelligence     Tags: , , ,

Data Loss Prevention Needs to Evolve

by Neil MacDonald  |  October 11, 2011  |  1 Comment

Traditional data loss prevention has been focused on looking for signatures and patterns of sensitive data at rest within the organization and as it moves throughout the organization, including to destinations outside of the enterprise (the latter is where most organizations have started). <digress> You noticed I didn’t use the term “DLP”. That’s because I [...]

1 Comment »

Category: Information Security Next-generation Security Infrastructure Security Intelligence     Tags: , , ,

The Single Most Important Way to Improve Endpoint Security

by Neil MacDonald  |  August 23, 2011  |  2 Comments

Run more of your Windows users without administrator rights. I’ve talked about this several times before – including here, here and here. While it may not be feasible to remove administrator rights from all users, it is an absolutely achievable goal to continue to improve the percentage of Windows users running without administrator rights year [...]

2 Comments »

Category: Beyond Anti-Virus Endpoint Protection Platform Microsoft Security Windows 7     Tags: , , , , , ,

Improving Your 2011 Security Bang for the Buck Continued

by Neil MacDonald  |  January 6, 2011  |  Comments Off

In my previous post, I kicked off 2011 with a recommendation for improving your “security bang for the buck” or quick wins for information security in 2011 – increasing patching breadth and depth. Here’s a few more to consider in 2011: In a response to this post on the value (or lack thereof) of antivirus [...]

Comments Off

Category: Beyond Anti-Virus Cloud Security Endpoint Protection Platform Windows 7     Tags: , , , , , , , ,

Improving Your 2011 Security Bang for the Buck: Patching Depth and Breadth

by Neil MacDonald  |  January 4, 2011  |  Comments Off

I am back from the holidays and was responding to some comments on my previous blog post on antivirus technologies and the shift to endpoint protection platforms where one of the readers had recommended disabling autorun on removable media for a quick win for information security. There are several things in information security that we [...]

Comments Off

Category: Application Security Beyond Anti-Virus Endpoint Protection Platform Information Security     Tags: , , , , , ,

Free Stuff to Help run as Standard User

by Neil MacDonald  |  April 1, 2010  |  Comments Off

One of the constant recommendations in my research is to reduce your exposure to malware by running more users as standard user. I’ve talked about this issue here, here and here. There are several possible approaches to help here. Microsoft’s User Account Control in Windows Vista and Windows 7 is an approach, but suffers from [...]

Comments Off

Category: Endpoint Protection Platform Information Security     Tags: , , , , , ,

Google, IE, China and Zero Day Attacks: Three Lessons

by Neil MacDonald  |  January 18, 2010  |  6 Comments

We’ve got a team of analysts working on a broader event research note that will be published shortly. What I wanted to discuss here is “so what do I do if my organization is using IE?”. Longer term, there are three key takeaways from the recent events: Lesson #1 – Run more users as standard [...]

6 Comments »

Category: Application Security Endpoint Protection Platform Microsoft Security     Tags: , , , , , , ,

More Application Security Goodness From OWASP

by Neil MacDonald  |  January 14, 2010  |  6 Comments

I’ve written before about OWASP and the guidance they provide to organizations looking to improve application security. One of the best practices for improving application security is to ensure that any code we produce or procure is more secure right from the beginning. Many of the clients I talk with are highly focused on the [...]

6 Comments »

Category: Application Security Information Security     Tags: , , ,

Security No-Brainer #9: Application Vulnerability Scanners Should Communicate with Application Firewalls

by Neil MacDonald  |  August 19, 2009  |  27 Comments

If a web application security testing tool tells me I have a vulnerability in an application, what do I do? “Fix it” is the right answer, but not always so easy if my development organization is backlogged or, worse, I don’t have access to the source code. Another answer is to shield the application from [...]

27 Comments »

Category: Application Security Next-generation Security Infrastructure     Tags: , ,

Security No-Brainer #8: Run Users As Standard User

by Neil MacDonald  |  August 13, 2009  |  3 Comments

Mostly for legacy reasons, many of us continue to run users with administrative privileges on their Windows workstations. Running as standard user reduces exposure to malware by preventing users from updating protected parts of the file system and registry or accessing sensitive Windows operations. An analysis by BeyondTrust showed that 92% of the critical Windows [...]

3 Comments »

Category: Beyond Anti-Virus Endpoint Protection Platform     Tags: , , ,