Take Application Security to the Next Level – VMware and Carbon Black team up

 

 

 

Perhaps you’ve already begun to secure virtualized applications by rolling out micro-segmentation with NSX, but segmentation of the network is only the beginning to embracing least privilege in your environment.

 

VMware has teamed up with Carbon Black to go beyond network protection and change the way your data center endpoints themselves are protected. By leveraging the unique properties of virtualization and the hypervisor, along with next-generation detection and response, VMware and Carbon Black are able to shrink your environment’s attack surface and respond to detected threats with precision and speed.

Learn more here, and come see the solution in action at the Cloud Force Security road show (coming to a city near you)!

 

The post Take Application Security to the Next Level – VMware and Carbon Black team up appeared first on Network Virtualization.

Dell EMC Introduces New Certifications to Establish and Validate IT Skills of the Future

Dell EMC Introduces New Certifications to Establish and Validate IT Skills of the Future Four new certifications help organizations maximize technology investments, modernize IT, build in-house transformation expertise Highest-level certification, Dell EMC Certified Master – Enterprise Architect, validates ability to design and implement secure IT-as-a-Service solutions for the digital economy Additional certifications focused on converged/hyper-converged infrastructure, multi-cloud administration and infrastructure security Dell EMC unveiled new certifications that establish and... Read more →

Validating Leaked Passwords with k-Anonymity

Validating Leaked Passwords with k-Anonymity

Validating Leaked Passwords with k-Anonymity

Today, v2 of Pwned Passwords was released as part of the Have I Been Pwned service offered by Troy Hunt. Containing over half a billion real world leaked passwords, this database provides a vital tool for correcting the course of how the industry combats modern threats against password security.

I have written about how we need to rethink password security and Pwned Passwords v2 in the following post: How Developers Got Password Security So Wrong. Instead, in this post I want to discuss one of the technical contributions Cloudflare has made towards protecting user information when using this tool.

Cloudflare continues to support Pwned Passwords by providing CDN and security functionality such that the data can easily be made available for download in raw form to organisations to protect their customers. Further; as part of the second iteration of this project, I have also worked with Troy on designing and implementing API endpoints that support anonymised range queries to function as an additional layer of security for those consuming the API, that is visible to the client.

This contribution allows for Pwned Passwords clients to use range queries to search for breached passwords, without having to disclose a complete unsalted Continue reading

How Developers got Password Security so Wrong

How Developers got Password Security so Wrong

How Developers got Password Security so Wrong

Both in our real lives, and online, there are times where we need to authenticate ourselves - where we need to confirm we are who we say we are. This can be done using three things:

  • Something you know
  • Something you have
  • Something you are

Passwords are an example of something you know; they were introduced in 1961 for computer authentication for a time-share computer in MIT. Shortly afterwards, a PhD researcher breached this system (by being able to simply download a list of unencrypted passwords) and used the time allocated to others on the computer.

As time has gone on; developers have continued to store passwords insecurely, and users have continued to set them weakly. Despite this, no viable alternative has been created for password security. To date, no system has been created that retains all the benefits that passwords offer as researchers have rarely considered real world constraints[1]. For example; when using fingerprints for authentication, engineers often forget that there is a sizable percentage of the population that do not have usable fingerprints or hardware upgrade costs.

Cracking Passwords

In the 1970s, people started thinking about how to better store passwords and cryptographic hashing started to Continue reading

History of Networking: Policy with Joel Halpern

Policy at Internet scale is a little understood, and difficult (potentially impossible) to solve problem. Joel Halpern joins the History of Networking over at the Network Collective to talk about the history of policy in the Internet at large, and networked systems in general.

The Next Platform Announces Renowned HPC Expert Joins Team

Former Harvard Computer Science Lead Brings Distributed Systems Experience to Top Publication’s Readers

The Next Platform is proud to announce that former Assistant Dean and Distinguished Engineer for Research Computing at Harvard, Dr. James Cuff, has joined the editorial team in a full-time capacity as Distinguished Technical Author.

As the leading publication covering distributed systems in research and large enterprise, Dr. Cuff rounds out a seasoned editorial team that delivers in-depth analysis from the worlds of supercomputing, artificial intelligence, cloud and hyperscale datacenters, and the many other technology areas that comprise the highest end of today’s IT ecosystems.

Dr. Cuff

The Next Platform Announces Renowned HPC Expert Joins Team was written by Nicole Hemsoth at The Next Platform.

The Road To 400G Ethernet Is Paved With Bechtolsheim’s Intentions

The best way to make a wave is to make a big splash, which is something that Andy Bechtolsheim, perhaps the most famous serial entrepreneur in IT infrastructure, is very good at doing. As one of the co-founders of Sun Microsystems and a slew of networking and system startups as well as the first investor in Google, he doesn’t just see waves, but generates them and then surfs on them, creating companies and markets as he goes along.

Bechtolsheim was a PhD student at Stanford University, working on a project that aimed to integrate networking interfaces with processors when he

The Road To 400G Ethernet Is Paved With Bechtolsheim’s Intentions was written by Timothy Prickett Morgan at The Next Platform.

BrandPost: How to accelerate multi-cloud migration

As we begin 2018, enterprises continue to accelerate their migration of workloads to public cloud service providers (AWS, Azure and Google), often as part of an overall digital transformation (DT) and cloud-first IT strategy. This is not surprising as IDC predicts that by the end of this year, nearly 80% of workloads will be processed in cloud data centers.To read this article in full, please click here

What is NAS and how do NAS servers excel at corralling unstructured data?

Network-attached storage (NAS) is a category of file-level storage that’s connected to a network and enables data access and file sharing across a heterogeneous client and server environment.“Ideally, NAS is platform- and OS-independent, appears to any application as another server, can be brought online without shutting down the network and requires no changes to other enterprise servers,” says research firm Gartner in its definition of NAS. BE SURE NOT TO MISS: What do users really think of all-flash arrays? What is hyperconvergence? Hyperconvergence gathers speed in 2018 Micro-modular data centers set to multiply NAS history: the evolution of network-attached storage NAS evolved from file servers used in the 1980s to provide access to files for network clients. NAS devices typically consist of bundled hardware and software with a built-in operating system, and they typically use industry-standard network protocols such as SMB and NFS for remote file service and data sharing and TCP/IP for data transfer. In an enterprise setting, NAS can allow IT teams to streamline data storage and retrieval while consolidating their server and storage infrastructure.To read this article in full, please click here

How fast can a bird search a tree?

 

I was wondering if you could help me figure something out: what is the algorithmic complexity of a bird searching a tree for food?

Over the years I've had the pleasure of watching a lot of cute little birds feed in our oak trees. I've noticed they have a search pattern.

A bird will hop from branch to branch looking for insects. They don't hop on a branch and explore every square inch of it, so it's not an exhaustive search. They'll take a couple hops, peck at a branch a few times, and hop to a nearby branch. Birds also search the underside of branches, so the whole surface area of a tree is game. 

I've often marveled in wonder at how efficient this whole process is. They scour huge trees in no time. Then they'll move on to the next tree and repeat the process until they fly away to a completely different area.

My dog when searching for a ball seems to follow a similar Lévy flight sort of pattern. Search a local area by bouncing around for bit and then take a bee-line for a completely different area and repeat the process. 

Often Continue reading

1 1,706 1,707 1,708 1,709 1,710 3,832