Cloud-Managed Security Services Market Hits $7.2B
Cloud security is primed to overtake CPE.
Ultron didn’t save the world
Tony Stark builds "Ultron" to save the world, to bring peace in our time. As a cybernetic creation, Ultron takes this literally, and decides the best way to bring peace is to kill all humans.
The problem, as demonstrated by the movie, isn't that there was a bug in Stark's code. The problem was the hubris thinking that Stark could protect everyone. Inevitably, protecting everyone meant ruling everyone, bringing peace by force. It's the same hubris behind the USA's effort to bring peace to Iraq and Afghanistan.
I mention this because in the cybersecurity industry, there are many who propose to bring security through authority. They want government mandated rules on how to write code, imposed liability requirements, and so on.
This sounds reasonable. After all, nobody wants medical equipment like pacemakers to be hacked. But here's the thing. Computer-controlled devices have the potential to vastly improve health, whether it's Watches monitoring your heart, pacemakers, insulin pumps, and so on. While these devices can be hacked, the practical reality is that if you want Continue reading
Review: Avengers, Age of Ultron
Remember that this movie is part of the Marvel Avengers arc, consisting of Ironman (3 movies), Captain America (2), Thor (2), Hulk, and Avengers (2). This arc also includes two TV series, and also a (so far) unrelated Guardians of the Galaxy movie. Everything is leading to the Infinity Wars movies.
I point this out because while this movie seems like a fine standalone movie for those who have seen none or only a few of the others, the greatest enjoyment will be in seeing it within context. In particular, while Ironman 3 isn't a terribly good movie, it's worth seeing before this movie, as it Continue reading
What Port Is The Most Targeted in Your Network?
Original Post in Solarwinds Thwack Author donthomas Security is an aspect that every organization should give the utmost priority.Some notes on why crypto backdoors are unreasonable
Today, a congressional committee held hearings about 'crypto backdoors' that would allow the FBI to decrypt text messages, phone calls, and data on phones. The thing to note about this topic is that it's not anywhere close to reasonable public policy. The technical and international problems are unsolvable with anything close to the proposed policy. Even if the policy were reasonable, it's unreasonable that law enforcement should be lobbying for it.Crypto is end-to-end
The debate hinges on a huge fallacy, that it's about regulating industry, forcing companies like Apple to include backdoors. This makes it seem like it's a small law. The truth is that crypto is end-to-end. Apple sells a generic computer we hold in our hand. As a user, I can install any software I want on it -- including software that completely defeats any backdoor that Apple would install. Examples of such software would be Signal and Silent Circle.
It seems reasonable that you could extend the law so that it covers any software provider. But that doesn't work, because software is often open-source, meaning that anybody can build their own app from it. Starting from scratch, it would take me about six-months to write my Continue reading
Cisco ACI Integrates Security from Sourcefire
ACI strengthens its security story with a next-generation firewall and IPS.
Hacking Lessons From Security Compass’ Battle School
What I learned in hacking school.
The Walls Are On Fire
There’s no denying the fact that firewalls are a necessary part of modern perimeter security. NAT isn’t a security construct. Attackers have the equivalent of megaton nuclear arsenals with access to so many DDoS networks. Security admins have to do everything they can to prevent these problems from happening. But one look at firewall market tells you something is terribly wrong.
Who’s Protecting First?
Take a look at this recent magic polygon from everyone’s favorite analyst firm:
FW Magic Polygon. Thanks to @EtherealMind.
I won’t deny that Checkpoint is on top. That’s mostly due to the fact that they have the biggest install base in enterprises. But I disagree with the rest of this mystical tesseract. How is Palo Alto a leader in the firewall market? I thought their devices were mostly designed around mitigating internal threats? And how is everyone not named Cisco, Palo Alto, or Fortinet regulated to the Niche Players corral?
The issue comes down to purpose. Most firewalls today aren’t packet filters. They aren’t designed to keep the bad guys out of your networks. They are unified threat management systems. That’s a fancy way of saying they have a whole bunch of software built on top Continue reading
FireHost Picks VMware NSX Over Cisco ACI
In the cloud and security realm, VMware's NSX has landed a notable customer.
The hollow rhetoric of nation-state threats
The government is using the threat of nation-state hackers to declare a state-of-emergency and pass draconian laws in congress. However, as the GitHub DDoS shows, the government has little interest in actually defending us.
It took 25 days to blame North Korea for the Sony hack, between the moment "Hacked by the #GOP" appeared on Sony computers and when President Obama promised retaliation in a news conference -- based on flimsy evidence of North Korea's involvement. In contrast, it's been more than 25 days since we've had conclusive proof the Chinese government was DDoSing GitHub, and our government has remained silent. China stopped the attacks after two weeks on their own volition, because GitHub defended itself, not because of anything the United States government did.
The reason for the inattention is that GitHub has no lobbyists. Sony spends several million dollars every year in lobbying, as well as hundreds of thousands in campaign contributions. When Sony gets hacked, politicians listen. In contrast, GitHub spends zero on either lobbying or contributions.
It's not that GitHub isn't important -- it's actually key infrastructure to the Internet. All computer nerds know the site. It's the largest repository of source-code on the Continue reading
HP Gets Mobile with New Campus Networking Products
HP is taking mobility to the campus with new products it announced today at Interop.
Pop Quiz: Which of These Security Startups Missed RSA?
Winner gets a pair of SDxCentral socks. We're not kidding.
Featured Video: Next-Generation Data Centers Need Next-Generation Security
Automated security policies can help you roll out apps faster, get more granular with your security, and reduce over provisioning.
OMG, VXLAN Encapsulation Has No Security!
Every now and then someone actually looks at the VXLAN packet format and eventually figures out that VXLAN encapsulation doesn’t provide any intrinsic security.
TL&DR Summary: That’s old news, the sky is not falling, and deploying VXLAN won’t make your network less secure than traditional VLAN- or MPLS-based networks.
Read more ...DevOps Breaks Security, and Access Management Could Be the Fix
The speed and scope of DevOps just broadens the network security problem.
Juniper CTO Chris Hoff Makes ‘Epic Fail’ in RSA Keynote
At least there weren't any wild animals.
Feds’ Encryption Key Escrow Plan Meets Resistance
Encryption is a threat to public safety, the Secretary of Homeland Security says.
RSA President Amit Yoran Makes a Splash in Debut Keynote
Not quite a home run, but Yoran draws good marks as he (vaguely) calls for standards in security reporting.
Big Switch Networks & Cyphort Use SDN to Deliver Advanced Threat Detection
Big Switch Networks and Cyphort have just announced a new partnership that will bring a SDN defense product to market by combining Big Tap and Advanced Threat Defense Platform.
Intel and Ericsson Deepen Ties in Managed Security Services
Another partnership between the two giants, this time targeting telco-managed security.