Report: Attacks based on open source vulnerabilities will rise 20 percent this year

As open source code becomes more prevalent in both commercial and home-grown applications, the number of attacks based on its vulnerabilities will increase by 20 percent this year, predicted Black Duck Software, which collects statistics about open source projects. The number of commercial software projects that were composed of 50 percent or more of free, open source software went up from 3 percent in 2011 to 33 percent today, said Mike Pittenger, vice president of security strategy at Black Duck Software. The average commercial application uses more than 100 open source components, he said, and two-thirds of commercial applications have code with known vulnerabilities in it.

How to handle security vulnerability reports

If there’s a flaw in your IT security — and there probably is — you can’t assume that someone in your organization will be the first to find it. But if you’re lucky, instead of ending up with ransomware or a data breach, you might hear about it from a security researcher or even a smart customer who’s spotted the problem and wants to warn you. Are you ready to listen? Many companies aren’t, warns security consultant Troy Hunt. Hunt runs haveibeenpwned.com, a website that helps people discover if any of their accounts have been compromised by data breaches. Because of his role with the website, he routinely finds himself in a position to contact organizations about breaches and other security issues that he’s found or that other people pass on to him.

Top 10 questions about Avaya’s networking business

The trials and tribulations of Avaya and the fate of its related businesses have been well documented in the press over the past six months. One of the business units I have been following most closely is the company’s networking business, as it has a differentiated product and could prove to be a significant asset to an acquirer. One of the challenges Avaya has had in networking is a lack of customer awareness into the product set or even the fact that Avaya is in networking. When I have brought the topic up with network engineers, I’ve received a number of questions about Avaya Networking. Below are the most common questions I have received:

Tackling cybersecurity threat information sharing challenges

There’s been considerable talk in recent years about the importance of cybersecurity information sharing. After all, few organizations can really work in a vacuum and no single organization can see all of the threats lying in wait on the internet. And many CISOs find it helpful to share notes with others in their industry to compare which strategies and practices work best and compare program maturity levels. But the nearly two-decade effort to share such information hasn’t been smooth. Many organizations are wary of sharing sensitive cybersecurity information, especially with governments. Not only can such information jeopardize the security posture of an organization, it can damage customer impressions of a company and even affect stock values.

Miss me?

Wow! Do I feel like a bad parent or something right now – I have realized that I have neglected my blog here for a few months now – bad Fryguy! Work last year got crazy, good crazy! I have made a commitment to myself and you to post at least one blog post per month, planning […]

The post Miss me? appeared first on Fryguy's Blog.

50% off J5 Tactical V1-Pro Ultra Bright 3 Mode Flashlight – Deal Alert

Heavy duty, compact and tough as nails. Perhaps the last flashlight you'll ever need. That's how J5 Tactical describes their V1-Pro. A super bright 300 lumens LED produces an intense beam of light up to 600 feet with high, low and strobe modes. It can take a beating, is weather resistant, and works for hours on a single AA battery. With nearly 6,000 reviews on Amazon, it averages 4.5 out of 5 stars (read reviews). Its typical list price of $29.95 has been reduced by 50% to $14.95. See the discounted J5 Tactical V1-Pro flashlight now on Amazon.

Endpoint security in 2017

Just a few years ago, there were about 6 to 10 well-regarded AV vendors that dominated the market. Fast forward to 2017, and my colleague Doug Cahill and I are currently tracking around 50 endpoint security vendors. Why has this market changed so much in such a short timeframe? New types of targeted threats regularly circumvented signature-based AV software over the past few years. This weakness led to system compromises, data breaches and panicky CISOs in search of AV alternatives. This in turn persuaded the fat cats on Sand Hill Road to throw VC dollars at anything that hinted at endpoint security innovation. OK, I get the need for more than signature-based AV, but there simply isn’t room in the market for 50 endpoint security vendors. Thus, it’s safe to assume we'll see a lot of M&A activity and outright business failures this year.

IDG Contributor Network: Reliability, not principally speed, will drive 5G

Brand-new research from a consultant and a trade body released last week estimates the deployment of 5G networks could create up to 3 million jobs. Accenture, along with CTIA, also predicts the new radio networking technology will add $500 billion to the American GDP. That's good news. However, questions about 5G remain. And they’re unrelated to the actual physics of the technology—which doesn’t really exist yet. The questions include an important matter: What’s going to drive these kinds of high-flown claims, and why is 5G being trumpeted as special? Is it really such a quantum leap over existing networks?

L3 fabric DC -The underlay Network (BGP) -part2

In the previous post, we laid the foundation of the L3 fabric DC. In this post we will discuss the underlay network, which mainly provides IP reachability plus ECMP capability. Here BGP would play a role in your DC next to the 3 others that we discussed in one of the previous posts. For the sake of simplicity …

The post L3 fabric DC -The underlay Network (BGP) -part2 appeared first on Networkers-online.com.

This Wi-Fi alternative rides on LTE rails

A group that sees enterprises and even consumers setting up their own LTE-like networks now has a formula to work from. On Tuesday, the MulteFire Alliance announced MulteFire Release 1.0, which defines an LTE-like network that can run entirely on unlicensed spectrum like the frequencies Wi-Fi uses. In some cases, it may be an alternative to Wi-Fi with more capacity, better security and easier handoffs from carrier networks, Alliance President Mazen Chmaytelli says. Users could include businesses that need highly predictable networks for time-sensitive industrial applications, stadium owners looking for a simpler way to speed up wireless for fans, and eventually consumers networking their homes. But none of these will happen overnight.

IDG Contributor Network: Dome9 offers multi-cloud security, adds native support for Azure

Dome9 Security, a cloud infrastructure security and compliance vendor, announced today that it is offering native support for the Microsoft Azure cloud platform. This is interesting because until now, Dome9 had strongly pushed an Amazon Web Services (AWS) story. The reasons for that are clear: AWS is the 1,000-pound elephant when it comes to cloud infrastructure, greatly eclipsing all other vendors in terms of market share. But reliance on a single vendor is risky, and the number of third-party vendors at AWS’ recent re:Invent conference that looked uncomfortable at AWS announcements shows the folly of being completely tied to one platform.

A network geek pilgrimage – Networking Field Day 14

What is Networking Field Day?

Networking Field Day 14 or #NFD14 is almost upon us! I am heading to sunny San Jose, California to drink from the fire hose of data – the heavens will part and rain down golden non-fragmented packets of information and insight.

If you’re not familiar with Networking Field Day, which is part of Tech Field Day hosted by Gestalt IT, you can go here to get a full overview.

The Delegates

Networking Field Day is a rare opportunity for individuals (delegates) that are engaged in the practice of network engineering/architecture to come together and interact not only with the vendors who are presenting but also fellow delegates.

While some of the delegates have attended previous Tech Field Day events, others, like myself, are first timers and will be taking in the vast array of technical content as fast as our buffers permit.

The delegates comprise a group of like-minded and yet diverse networkers that are heavily invested in the community of network engineers and IT.

It’s truly a privilege to be invited to NFD14 and I count myself fortunate to be in the company of some incredibly sharp practitioners of IP networking – a