Application Rule Manager (ARM) Practical Implementation – Healthcare

This post originally appears as part of a series of VMware NSX in Healthcare blogs on Geoff Wilmington’s blog, vWilmo. To read more about VMware NSX and its applications in healthcare, check out Geoff’s blog series.

Originally this series on Micro-segmentation was only going to cover Log Insight, vRealize Network Insight (vRNI), and VMware NSX.  With the release of VMware NSX 6.3, there is a new toolset within NSX that can be leveraged for quick micro-segmentation planning The Application Rule Manager (ARM) within NSX, provides a new way to help create security rulesets quickly for new or existing applications on a bigger scale than Log Insight, but smaller scale than vRNI.   With that in mind, we’re going to take the previous post using Log Insight, and perform the same procedures with ARM in NSX to create our rulesets using the same basic methodologies.

The Application Rule Manager in VMware NSX leverages real-time flow information to discover the communications both in and out, and between an application workload so a security model can be built around the application.  ARM can monitor up to 30 VMs in one session and have 5 sessions running at a time.  Continue reading

5 Practical Cloud Tips for SMBs

How to rescue your PC from ransomware

With  nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult.You can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. In the past I’ve discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.To read this article in full or to leave a comment, please click here

How to rescue your PC from ransomware

With  nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult.You can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. In the past I’ve discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.To read this article in full or to leave a comment, please click here

Here’s where to buy the Bitcoins to pay a ransom

Ransomware grew into a $1 billion industry last year, and ransom payments now account for nearly 10 percent of the entire Bitcoin economy.Avoiding becoming part of that statistic requires good endpoint security and effective backups. But what if your defenses fail, your backups are inadequate, all attempts to restore the data fail, and you have to pay the ransom after all -- what do you do?First of all, get the ball rolling on improving your security. Second, if the ransomware includes a recommendation for where to buy the Bitcoins, take it with a grain of salt. These guys are, after all, criminals. They might steer you wrong.Instead, go to a reputable exchange.To read this article in full or to leave a comment, please click here

Here’s where to buy the Bitcoins to pay a ransom

Ransomware grew into a $1 billion industry last year, and ransom payments now account for nearly 10 percent of the entire Bitcoin economy.Avoiding becoming part of that statistic requires good endpoint security and effective backups. But what if your defenses fail, your backups are inadequate, all attempts to restore the data fail, and you have to pay the ransom after all -- what do you do?First of all, get the ball rolling on improving your security. Second, if the ransomware includes a recommendation for where to buy the Bitcoins, take it with a grain of salt. These guys are, after all, criminals. They might steer you wrong.Instead, go to a reputable exchange.To read this article in full or to leave a comment, please click here

Old attack code is new weapon for Russian hackers

Attackers prefer to reuse code and tools for as long as they keep working. In that tradition, researchers have found evidence suggesting a cyberespionage group is still successfully using tools and infrastructure that was first deployed in attacks 20 years ago.The Moonlight Maze refers to the wave of attacks that targeted U.S. military and government networks, universities, and research institutions back in the mid-to-late 1990s. While the Moonlight Maze disappeared from the radar after the FBI and Department of Defense investigation became public in 1999, there were whispers within the security community that the cyberespionage group never entirely went away. Turla, a Russian-speaking attack group that's also known as Venomous Bear, Uroburos, and Snake, was floated as a possibility, but until recently, all links were guesswork and speculation.To read this article in full or to leave a comment, please click here

Old attack code is new weapon for Russian hackers

Attackers prefer to reuse code and tools for as long as they keep working. In that tradition, researchers have found evidence suggesting a cyberespionage group is still successfully using tools and infrastructure that was first deployed in attacks 20 years ago.The Moonlight Maze refers to the wave of attacks that targeted U.S. military and government networks, universities, and research institutions back in the mid-to-late 1990s. While the Moonlight Maze disappeared from the radar after the FBI and Department of Defense investigation became public in 1999, there were whispers within the security community that the cyberespionage group never entirely went away. Turla, a Russian-speaking attack group that's also known as Venomous Bear, Uroburos, and Snake, was floated as a possibility, but until recently, all links were guesswork and speculation.To read this article in full or to leave a comment, please click here

After political Twitter bot revelation, are companies at risk?

With reports of Russia using social media and bots to push fake news to influence the 2016 U.S. presidential election, questions are arising over how these same tactics could be used against an enterprise."Twitter bots could absolutely be used against a company," said Dan Olds, an analyst with OrionX. "Someone using bots could manufacture a fake groundswell of opinion against a company or a product."The subject of Twitter bots has made headlines since federal investigations into Russia's interference with the presidential election unearthed evidence that the Kremlin used chatbots, particularly on Twitter, to seed fake news stories in order to confuse discussions and taint certain candidates, especially Democratic candidate Hillary Clinton.To read this article in full or to leave a comment, please click here

After political Twitter bot revelation, are companies at risk?

With reports of Russia using social media and bots to push fake news to influence the 2016 U.S. presidential election, questions are arising over how these same tactics could be used against an enterprise."Twitter bots could absolutely be used against a company," said Dan Olds, an analyst with OrionX. "Someone using bots could manufacture a fake groundswell of opinion against a company or a product."The subject of Twitter bots has made headlines since federal investigations into Russia's interference with the presidential election unearthed evidence that the Kremlin used chatbots, particularly on Twitter, to seed fake news stories in order to confuse discussions and taint certain candidates, especially Democratic candidate Hillary Clinton.To read this article in full or to leave a comment, please click here

What makes a good application pen test? Metrics

When it comes to creating secure applications, nothing beats focusing on the basics: secure coding in development and then testing the application for security defects. Part of the testing regime should always include an in-depth application pen test. But how do organizations know they are getting the full benefit from such assessments?What goes (or should go) into developing application security is well known. Developers should have their code vetted in their development environment. Their code should go through a series of quality and security tests in the development pipeline. Applications should be vetted again right after deployment. And, after all of that, it’s very likely that more vulnerabilities exist in the application that have yet to be uncovered.To read this article in full or to leave a comment, please click here

What makes a good application pen test? Metrics

When it comes to creating secure applications, nothing beats focusing on the basics: secure coding in development and then testing the application for security defects. Part of the testing regime should always include an in-depth application pen test. But how do organizations know they are getting the full benefit from such assessments?What goes (or should go) into developing application security is well known. Developers should have their code vetted in their development environment. Their code should go through a series of quality and security tests in the development pipeline. Applications should be vetted again right after deployment. And, after all of that, it’s very likely that more vulnerabilities exist in the application that have yet to be uncovered.To read this article in full or to leave a comment, please click here

What makes a good application pen test? Metrics

When it comes to creating secure applications, nothing beats focusing on the basics: secure coding in development and then testing the application for security defects. Part of the testing regime should always include an in-depth application pen test. But how do organizations know they are getting the full benefit from such assessments?What goes (or should go) into developing application security is well known. Developers should have their code vetted in their development environment. Their code should go through a series of quality and security tests in the development pipeline. Applications should be vetted again right after deployment. And, after all of that, it’s very likely that more vulnerabilities exist in the application that have yet to be uncovered.To read this article in full or to leave a comment, please click here

5 ways data classification can prevent an insurance data breach

Insuring that your data is safeImage by Yohan CreemersInsurance firms collect and process large amounts of policyholder data including personally identifiable information (PII) and protected health information (PHI), as well as sensitive employee and company information that must be protected. Confidential data is the core of the business, and companies that collect and analyze it more effectively have a competitive advantage. And with the cost of file sharing and synchronization technology decreasing, actuaries are able to analyze and share data in real time. However, this also increases the number of unnecessary copies of sensitive business and consumer data.To read this article in full or to leave a comment, please click here

5 ways data classification can prevent an insurance data breach

Insuring that your data is safeImage by Yohan CreemersInsurance firms collect and process large amounts of policyholder data including personally identifiable information (PII) and protected health information (PHI), as well as sensitive employee and company information that must be protected. Confidential data is the core of the business, and companies that collect and analyze it more effectively have a competitive advantage. And with the cost of file sharing and synchronization technology decreasing, actuaries are able to analyze and share data in real time. However, this also increases the number of unnecessary copies of sensitive business and consumer data.To read this article in full or to leave a comment, please click here

How IT can foster innovation from within

Entrepreneurship is typically associated with startup companies, and the eager, driven and innovative minds that start them. But there's another type of entrepreneurship, and it lives inside established organizations.Intrapreneurs are already employed in your organization -- they're workers with progressive ideas that will benefit the company. The only problem is, these intrapreneurs often struggle to find the right channels to see their ideas realized."These are the employees who want to get their hands dirty and are often the first people to volunteer for a job. Intrapreneurs are not content with the status quo. They often see how things could be part of a bigger picture and come up with ideas to realize this new vision," says Tim Beerman, CTO at Ensono, a company that offers mainframe and hybrid IT solutions.To read this article in full or to leave a comment, please click here

Do you really need a CEO?

When Shawn Moore co-founded website design and content management software company Solodev in 2007, he knew he didn't want to take on the role of chief executive, and neither did his co-founder. So, the two followed conventional wisdom and hired on a CEO. But it soon become clear that they'd made the wrong decision -- because they didn't know what to do with him."Typically the founder becomes the CEO, and that's fine for some people, but in my case, I'm a software developer and a product guy. I like to get my hands dirty and work on actual products and drive them into the market. But when we were meeting with VCs and investors, they were all saying, 'You have to get a CEO,' but once we did, he quickly just became the chief sales guy. We weren't at the point yet where going public and needing the CEO to communicate between the board and shareholders was necessary, and we had a sales guy already, so for us as an early-stage, bootstrap company, it didn't make sense," Moore, now Solodev's CTO, says.To read this article in full or to leave a comment, please click here

McAfee on its own as independent security vendor

Effective today, McAfee has officially spun out from Intel, dumping the name Intel Security and operating under new majority ownership that has deep pockets to help the company aggressively acquire technology via mergers and acquisitions to supplement home-grown innovations.Investment firm TPG is making a $1.1 billion equity investment in McAfee in return for 51% ownership, giving it the cash it needs to buy companies for their technology so it can be incorporated faster into McAfee platforms than if developed via R&D.That’s a different strategy than is used by Intel in its chip business. “Identifying what it takes to run a semiconductor company is quite different from running a cybersecurity company in a rapidly changing threat landscape,” says Intel Security’s CTO Steve Grobman.To read this article in full or to leave a comment, please click here

McAfee on its own as independent security vendor

Effective today, McAfee has officially spun out from Intel, dumping the name Intel Security and operating under new majority ownership that has deep pockets to help the company aggressively acquire technology via mergers and acquisitions to supplement home-grown innovations.Investment firm TPG is making a $1.1 billion equity investment in McAfee in return for 51% ownership, giving it the cash it needs to buy companies for their technology so it can be incorporated faster into McAfee platforms than if developed via R&D.That’s a different strategy than is used by Intel in its chip business. “Identifying what it takes to run a semiconductor company is quite different from running a cybersecurity company in a rapidly changing threat landscape,” says Intel Security’s CTO Steve Grobman.To read this article in full or to leave a comment, please click here

Twitter Chat: Key Container Considerations