Gartner Blog Network

Posts from Date: 2011-1

Yes, Hypervisors Are Vulnerable.

by Neil MacDonald  |  January 26, 2011

In one of my first posts as a blogger nearly 2 years ago, I discussed the potential for disaster if a compromise in the virtualization platform (hypervisor/VMM) occurred. Last year (I was intending to comment on this at the time, but it slipped my mind), I was reading the IBM X-Force 2010 Mid-Year Trend and […]

100% Prevention is a Fallacy. Lockdown is a Flawed Strategy

by Neil MacDonald  |  January 25, 2011

I’ve commented before that complete protection is a combination of prevention and detection and that we’ve been far too focused on the prevention side of the equation trying to prevent all malware and infections. We simply cannot stop all of the bad guys. Period. You will be and already have been breached. One of the […]

Identifying Browsers and Plugins That Might Represent a Risk

by Neil MacDonald  |  January 21, 2011

In my kick off post for 2011, I talked about the need for IT to expand the depth and breadth of patching. In the follow-on post, I talked about the need to migrate more users to run with standard user (and not administrative level) privileges. One of the challenges to both of these actions is […]

Static or Dynamic Application Security Testing? Both!

by Neil MacDonald  |  January 19, 2011

Static application security testing (SAST) can be thought of as testing the application from the inside out – by examining its source code, byte code or application binaries for conditions indicative of a security vulnerability. Dynamic application security testing (DAST) can be thought of as testing the application from the outside in – by examining […]

Multi-tenancy Doesn’t Have to be bad for Security

by Neil MacDonald  |  January 14, 2011

One of the reasons that security tops the list of inhibitors for the adoption of public cloud computing is the concern around the use of multi-tenant infrastructure and applications. However, I believe the concerns are often overblown. Everything is multi-tenant at some level. For example, we all share the same planet and the same air. […]

Improving Your 2011 Security Bang for the Buck Continued

by Neil MacDonald  |  January 6, 2011

In my previous post, I kicked off 2011 with a recommendation for improving your “security bang for the buck” or quick wins for information security in 2011 – increasing patching breadth and depth. Here’s a few more to consider in 2011: In a response to this post on the value (or lack thereof) of antivirus […]

Improving Your 2011 Security Bang for the Buck: Patching Depth and Breadth

by Neil MacDonald  |  January 4, 2011

I am back from the holidays and was responding to some comments on my previous blog post on antivirus technologies and the shift to endpoint protection platforms where one of the readers had recommended disabling autorun on removable media for a quick win for information security. There are several things in information security that we […]
