Gartner Blog Network

Posts from Date: 2009-8

Moore’s Law Enables Virtualized Security

by Neil MacDonald  |  August 28, 2009

As security controls are virtualized (e.g. firewalls, IPS, web application firewalls and so on), one of the more significant concerns is performance and throughput. I remember a demonstration about a year ago where an IPS running in a VM virtual appliance easily consumed 2 out of 8 cores in a multicore system. A 25% overhead […]

Are Web Application Security Testing Tools a Waste of Time and Money?

by Neil MacDonald  |  August 25, 2009

My previous post on the value of linking web application vulnerability scanning tools with web application firewalls generated a lot of discussion. Take a look through the post and the lengthy comment string. Let me state up front that I firmly believe we should change our development processes (and developer culture) to produce more secure […]

For Static Application Security Testing, Frameworks Matter

by Neil MacDonald  |  August 21, 2009

All static application security testing (SAST) tools work in basically the same way – they generate an intermediate representation (model) of the application that they then analyze for conditions indicative of security vulnerability. For clients, our in-depth research on the SAST tool vendors is in this research note. However, just because a SAST vendor […]

Security No-Brainer #9: Application Vulnerability Scanners Should Communicate with Application Firewalls

by Neil MacDonald  |  August 19, 2009

If a web application security testing tool tells me I have a vulnerability in an application, what do I do? “Fix it” is the right answer, but not always so easy if my development organization is backlogged or, worse, I don’t have access to the source code. Another answer is to shield the application from […]

Security Thought for Tuesday: DRM and DLP are not Separate Problems

by Neil MacDonald  |  August 18, 2009

Digital Rights Management (DRM – alternatively Information Rights Management [IRM]) and Data Loss Prevention (DLP) are typically thought of as separate problems with different vendors and solutions targeting each. The market may have evolved this way, but that’s not the way it has to be. The need to place and enforce DRM policies on information […]

Security No-Brainer #8: Run Users As Standard User

by Neil MacDonald  |  August 13, 2009

Mostly for legacy reasons, many of us continue to run users with administrative privileges on their Windows workstations. Running as standard user reduces exposure to malware by preventing users from updating protected parts of the file system and registry or accessing sensitive Windows operations. An analysis by BeyondTrust showed that 92% of the critical Windows […]

Security Thought for Tuesday: Cloud Computing Should be a More Secure Model

by Neil MacDonald  |  August 11, 2009

A computing paradigm based on the exchange and execution of arbitrary code is inherently risky. Yet, that’s pretty much the foundation of what we do today with personal computers. Consider that this model is the primary reason we pay billions of dollars to AV vendors to scan our machines for known malicious executable code. Consider that […]

Don’t Underestimate Microsoft

by Neil MacDonald  |  August 7, 2009

After the latest financial results were announced by Microsoft (including the first year over year revenue decline in its history), I heard an increase in the comments from press and some analysts along the lines of ‘Microsoft has hit its peak’. Don’t underestimate Microsoft. Microsoft is at its best when it is threatened. Time and […]

Another Excellent Application Security Maturity Model

by Neil MacDonald  |  August 4, 2009

As I talked about in this post, I am a proponent of maturity models in general, as they help organizations understand that there is a progression of capabilities as organizations become more proficient in a discipline (in this case application security/assurance). Maturity models help people understand that changing people and processes takes time; it’s never […]