What to ask when selecting application security solutions

Buying decisionsImage by ThinkstockThere are many factors to consider when making an application security purchasing decision, and the pressure is on organizations now more than ever to improve their security risk management preparedness. In fact, more than 80 percent of security attacks target software applications, with application vulnerabilities as the No.1 cyber-attack target. Organizations need a comprehensive application security toolkit to stay secure throughout the product lifecycle, and need to address key questions that can help them determine the right tools to address security risks.To read this article in full or to leave a comment, please click here

How CISOs find their perfect job

It’s a good time to be a CISO. In a market where analysts say there are over 1 million unfilled job openings, and with demand expected to rise to 6 million globally by 2019 -- according to the Palo Alto Research Center, if you do a good job other opportunities are sure to follow.Indeed, such is the market, that - as we reported last year, even poor performing CISOs, dismissed from previous jobs, get handed new opportunities time and time again.To read this article in full or to leave a comment, please click here(Insider Story)

How CISOs find their perfect job

It’s a good time to be a CISO. In a market where analysts say there are over 1 million unfilled job openings, and with demand expected to rise to 6 million globally by 2019 -- according to the Palo Alto Research Center, if you do a good job other opportunities are sure to follow.To read this article in full or to leave a comment, please click here(Insider Story)

Cisco Identity Services Engine: Initial Configuration

IDG Contributor Network: Ecommerce giants look to dominate payment gateways

Ecommerce competition is heating up globally, with giants Amazon, Apple, Alibaba, Tencent and eBay all vying for bigger stakes in the market. Retail sales are expected to surpass $27 trillion by 2020, and ecommerce is expected to account for more than $4 trillion of that figure.One key area that is becoming the next battleground for these companies is payments. Payments may seem to be an inherent part of ecommerce platforms that facilitates the checkout process. However, the boom of financial technology (fintech) has made payments a major segment in financial services, creating major opportunities for these businesses to tap into wider markets.To read this article in full or to leave a comment, please click here

VMware NSX in Redundant L3-only Data Center Fabric

During the Networking in Private and Public Clouds webinar I got an interesting question: “Is it possible to run VMware NSX on redundantly-connected hosts in a pure L3 data center fabric?”

TL&DR: I thought the answer is still No, but after a very helpful discussion with Anthony Burke it seems that it changed to Yes (even through the NSX Design Guide never explicitly says Yes, it’s OK and here’s how you do it).

42% off Tom Clancy’s Ghost Recon Wildlands – (XBOX ONE, PS4) – Deal Alert

Today you'll see the price drop an extra 42% on Tom Clancy’s Ghost Recon Wildlands. Experience total freedom of choice in Tom Clancy's Ghost Recon Wildlands, the ultimate military shooter set in a massive open world setting.  The Santa Blanca drug cartel has transformed the beautiful South American country of Bolivia into a perilous narco-state, leading to lawlessness, fear, and rampant violence. With their corrosive influence growing, the cartel plagues the citizens of Bolivia but all hope is not lost. The Ghosts, an elite US Special Forces team, are tasked to combat the cartel and save the country from collapse.  See the discounted Ghost Recon Wildlands on Amazon.To read this article in full or to leave a comment, please click here

Oracle plans ‘startup organization’ focused on cloud computing, AI and VR

Oracle is hiring people for a "new startup organization" inside its North America operation that will focus on key technology trends, including cloud computing, internet of things, artificial Intelligence, and augmented and virtual reality.The Solution Engineering organization the company is setting up will consist of Solution Engineering Centers in Reston, Virginia and Denver, Colorado.The database and enterprise software company has previously indicated its interest in investing in some of these technology areas like machine learning and analytics.It announced in September last year that it was investing in intelligent cloud applications, called Adaptive Intelligent Applications, “that automatically offer individualized recommended actions and streamline the tasks of business users such as human resource or finance professionals.”To read this article in full or to leave a comment, please click here

Juniper takes a swipe at Extreme’s network buying spree, plans

It’s not at all uncommon for competitors to snipe at one another but it still makes for good reading and it provides an interesting look into a company’s strategy – and perhaps a signal to a competitor they are in for a fight.Today’s round comes from Juniper which has a piece of marketing out there that says: “In March 2017, Extreme Networks announced it will acquire Brocade's data center networking business. This acquisition has hindered Brocade/Extreme's ability to meet your long-term goals. They can no longer deliver networking solutions that will help you embark on your digital transformation journey. Juniper Networks can.”To read this article in full or to leave a comment, please click here

Juniper takes a swipe at Extreme’s network buying spree, plans

It’s not at all uncommon for competitors to snipe at one another but it still makes for good reading and it provides an interesting look into a company’s strategy – and perhaps a signal to a competitor they are in for a fight.Today’s round comes from Juniper which has a piece of marketing out there that says: “In March 2017, Extreme Networks announced it will acquire Brocade's data center networking business. This acquisition has hindered Brocade/Extreme's ability to meet your long-term goals. They can no longer deliver networking solutions that will help you embark on your digital transformation journey. Juniper Networks can.”To read this article in full or to leave a comment, please click here

Juniper takes a swipe at Extreme’s network buying spree, plans

It’s not at all uncommon for competitors to snipe at one another but it still makes for good reading and it provides an interesting look into a company’s strategy – and perhaps a signal to a competitor they are in for a fight.Today’s round comes from Juniper which has a piece of marketing out there that says: “In March 2017, Extreme Networks announced it will acquire Brocade's data center networking business. This acquisition has hindered Brocade/Extreme's ability to meet your long-term goals. They can no longer deliver networking solutions that will help you embark on your digital transformation journey. Juniper Networks can.”To read this article in full or to leave a comment, please click here

Hipchat resets user passwords after possible breach

HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information.In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com.HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat "salted" each password with a random value before hashing it.To read this article in full or to leave a comment, please click here

Hipchat resets user passwords after possible breach

HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information.In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com.HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat "salted" each password with a random value before hashing it.To read this article in full or to leave a comment, please click here

Microsoft finds another use for LinkedIn with CRM integration

The moment Salesforce CEO Marc Benioff was dreading has arrived: Microsoft is wielding LinkedIn against Salesforce in the battle for the CRM market. Starting Tuesday, salespeople will get LinkedIn Sales Navigator data alongside other information in the Dynamics 365 Sales dashboard.Users who have both systems will see information from LinkedIn profiles inside the lead, contact, account and opportunity pages of Dynamics 365 Sales. Dynamics and LinkedIn Sales Navigator will sync their information every day so that LinkedIn’s system is up to date on activity from Microsoft’s CRM and vice versa.To read this article in full or to leave a comment, please click here

Customers roast Microsoft over security bulletins’ demise

When Microsoft asked customers last week for feedback on the portal that just replaced the decades-long practice of delivering detailed security bulletins, it got an earful from unhappy users."Hate hate hate the new security bulletin format. HATE," emphasized Janelle 322 in a support forum where Microsoft urged customers to post thoughts on the change. "I now have to manually transcribe this information to my spreadsheet to disseminate to my customers. You have just added 8 hours to my workload. Thanks for nothing."To read this article in full or to leave a comment, please click here

Customers roast Microsoft over security bulletins’ demise

When Microsoft asked customers last week for feedback on the portal that just replaced the decades-long practice of delivering detailed security bulletins, it got an earful from unhappy users."Hate hate hate the new security bulletin format. HATE," emphasized Janelle 322 in a support forum where Microsoft urged customers to post thoughts on the change. "I now have to manually transcribe this information to my spreadsheet to disseminate to my customers. You have just added 8 hours to my workload. Thanks for nothing."To read this article in full or to leave a comment, please click here

7 patch management practices guaranteed to help protect your data

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.We’re in an era in which pre-packaged exploit services make it possible for the average Joe, with no technological experience or prowess, to launch intricate attacks on our environments. So, what can be done? Patching operating systems and applications is a surefire way to block some attacks.  But you need to do more than blast out auto updates.Here are seven patch management best practices that take your organization’s cybersecurity to the next level:#1 Use a proper discovery service You can’t secure what you don’t know about. The only way to know if a breach or vulnerability exists is to employ broad discovery capabilities. A proper discovery service entails a combination of active and passive discovery features and the ability to identify physical, virtual and on and off premise systems that access your network. Developing this current inventory of production systems, including everything from IP addresses, OS types and versions and physical locations, helps keep your patch management efforts up to date, and it’s important to inventory your network on a regular basis. If one computer Continue reading

7 patch management practices guaranteed to help protect your data

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.We’re in an era in which pre-packaged exploit services make it possible for the average Joe, with no technological experience or prowess, to launch intricate attacks on our environments. So, what can be done? Patching operating systems and applications is a surefire way to block some attacks.  But you need to do more than blast out auto updates.Here are seven patch management best practices that take your organization’s cybersecurity to the next level:#1 Use a proper discovery service You can’t secure what you don’t know about. The only way to know if a breach or vulnerability exists is to employ broad discovery capabilities. A proper discovery service entails a combination of active and passive discovery features and the ability to identify physical, virtual and on and off premise systems that access your network. Developing this current inventory of production systems, including everything from IP addresses, OS types and versions and physical locations, helps keep your patch management efforts up to date, and it’s important to inventory your network on a regular basis. If one computer Continue reading

7 patch management practices guaranteed to help protect your data

Worth Reading: Three characteristics

One of the first things a person on the leadership development journey should understand is that there is intrinsic value in developing character even if one never obtains external results from one’s endeavors. This is because who one becomes is much more important than what one accomplishes. —Chris Brady

The post Worth Reading: Three characteristics appeared first on rule 11 reader.