Datanauts 125: Security Gamification & Training New Talent
Is security gamification a useful tool for training security talent, or just a gimmick? The Datanauts dive in to explore this issue. Our guest is Evan Dornbush. The post Datanauts 125: Security Gamification & Training New Talent appeared first on Packet Pushers.
Site Reliability Engineering: 4 Things to Know
Organizations that have embraced DevOps and cloud-native architecture might also want to investigate SRE. Interop ITX expert Rob Hirschfeld explains why.
IBM Cloud, Now Powered by Cloudflare
A Tale of Two New Relationships
Late last spring, we were seeking to expand our connections inside of IBM. IBM had first become a direct Cloudflare customer in 2016, when its X-force Exchange business selected Cloudflare, instead of traditional scrubbing center solutions, for DDoS protection, WAF, and Load Balancing. We had friendly relationships with several people inside of IBM’s Softlayer business. We learned that the IBM “Networking Tribe” was evaluating various solutions to fill product gaps that their cloud customers were experiencing for DDoS, DNS, WAF, and load balancing.
In trying to engage with the people leading the effort, I made a casual phone call late on a Friday afternoon to one of the IBMers based in Raleigh, NC. When he understood that I was from Cloudflare, he replied, “Oh, I know Cloudflare. You guys do DDoS protection, right?” I replied, “Well, yes, we do offer DDoS protection, but we also offer a number of other security and performance services.” He indicated that he would be in the Bay Area two weeks later, and that he would bring his team to our office if we could make the time.
Also late last spring, my wife delivered our baby Continue reading
Rough Guide to IETF 101: IPv6
In this post for the Internet Society Rough Guide to IETF 101, I’m reviewing what’ll be happening at the IETF in London next week.
IPv6 global adoption rates continue to rise (to approximately 22% according to Google), although at a slightly slower overall rate since the last IETF. Nevertheless, there’s still substantial growth in IPv6 capability in large markets such as the United States, India and Germany, with Belgium still leading the world. There has also been significant progress in Greece, Brazil, Malaysia, Finland, Switzerland and Uruguay recently, whilst Japan, the UK and France continue to show consistent growth. The amounts of native IPv6 traffic seen on the Internet still does not entirely reflect global IPv6 capabilities, but with most major content and cloud providers now supporting IPv6, and mobile networks increasingly preferring IPv6, this gap will continue to close.
IPv6 is an important focus for the IETF, particularly with respect to the standardisation work related to the Internet-of-Things. And it’s straight into the IPv6 work on Monday, with both the IPv6 Operations (v6ops) and IPv6 Maintenance (6man) Working Groups being held that day, along with three other IoT-related Working Groups.
The IPv6 Operations (v6ops) Working Group is Continue reading
I Can’t Choose the Gear for You
One of my readers sent me a question along these lines after reading the anti-automation blog post:
Your blog post has me worried as we're currently reviewing offers for NGFW solution... I understand the need to keep the lid on the details rather than name and shame, but is it possible to get the details off the record?
I always believed in giving my readers enough information to solve their challenges on their own (you know, the Teach a man to fish idea).
Read more ...Yubikey for SSH on Windows
Short post this time.
If you on Linux set up your Yubikey in smartcard mode then you can use that Yubikey without any setup at all on Windows.
Just open
PuttyWincrypt, put
in the host to log in to, and under Connection > SSH > Auth set
Private key file for authentication to cert://*, then click
Open.
It’ll ask for the PIN, you’ll have to touch the Yubikey when it’s blinking, and you’re in.
Hyperconverged Secondary Storage or Cloud Data Management? It’s a Hot Market Regardless
Cohesity and Rubrik lead the sector.
Aryaka’s Global Network Provides Unique SD-WAN Security
Aryaka's Passport service integrates security from Palo Alto Networks, Zscaler, and Radware.
Check Out Our Newest Addition to The INE Library: OSCP Security Technology Course
The OSCP Security Technology course is for those interested in learning advanced ethical hacking and penetration testing. This course is designed to prepare students to for the Penetration Testing with Kali (PWK) course offered by Offensive Security. The PWK course is a prerequisite to the Offensive Security Certified Professional (OSCP) exam. Students should be familiar with Linux command line, Bash and Python scripting, and basic networking concepts before attempting the course.
This Course is 9 hours and 22 minutes long and taught by Heath Adams. You can view the full OSCP course on our streaming site.
About The Instructor:
Heath Adams is a cybersecurity professional. He currently holds the OSCP, OSWP, CEH, CCNA, Security+, Linux+, Network+, and A+ certifications. When he is not developing courses with INE, he spends his work life as a senior network engineer with a national lab in the United States. He is also currently an Army Officer in the Reserves.
In his free time, Heath enjoys spending time with his fiance and their 4 animal children. He enjoys playing video games, running, playing the guitar, watching sports, and binge-watching more TV shows than he should admit.
The Future For Load Balancers & ADCs – Video
My latest video examines F5's business strategy in the face of a shrinking market for load balancers.
Summary of Cisco NX-OS security vulnerabilities I uncovered – Maximum Entropy
Cisco took FOUR YEARS to patch disclosed vulnerabilities in NX-OS.
Equinix Moves Into Cloud Security With Key Management, Encryption Service
It uses Intel and Fortanix software.
Teaching Sri Lankan Girls How to Code
Girls in Technology is a community-based initiative to help increase schoolgirls’ participation in emerging Internet technology careers. The pilot project, lead by the Internet Society Sri Lanka Chapter and supported by Beyond the Net Funding Programme, will provide grade 9 girls with coding lessons and extracurricular activities to help them select ICT subjects at grade 10. Niranjan Meegammana, project leader and director of the Shilpa Sayura Foundation, explains how this initiative will contribute to gender equality in STEM education and help the young women reach for the stars.
Internet Society: What motivated the Chapter to take this initiative?
Niranjan Meegammana: Sri Lanka is fast becoming a hub for technology and innovation, offering a wide range of careers in technology fields. However, girls pursuing a career in technology still remain a limited number. Girls are representing 50.28% of school population, but only 20% are actually studying ICT. The gender gap keeps on growing and generating a labor surplus. The root cause of this problem is the scarcity of opportunities for girls and teachers in the Internet sector.
Which innovative solutions will the project attempt to solve this problem?
Girls in Technology is implemented by Sri Lanka Chapter with Continue reading
Trump Kills Broadcom’s Takeover Bid for Qualcomm
The President's order cited "credible evidence" that the takeover would be a security risk to the U.S.