CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Thanks to our customers, partners and employees for helping us change computer security

Posted:  November 23, 2009 by Toney Jennings

Thanks to our customers, partners and employees for helping change desktop securityIn the spirit of Thanksgiving week, I wanted to take this opportunity to say thanks to all of our customers, partners and employees who are helping CoreTrace change the face of computer security. It has been a fantastic year so far and we have a lot to be thankful for. More than ever businesses and individuals are looking for a new approach to computer security, and application whitelisting has come to the forefront as an alternative to traditional antivirus.

We are certainly excited to be a top vendor of application whitelisting and are looking to finish the year strong and look forward to a breakthrough 2010.

Thanks again to everyone involved in making CoreTrace a success.

Please use the comment form and leave your thoughts!

Social network security key issue for business in 2010

Posted:  November 20, 2009 by JT Keating

Social network security key for business in 2010There have been many cases of social networks overlapping security software this year. Whether they are using Twitter or Facebook for botnet control or propagating phishing links through shortened URLs, online criminals are finding ways to tap into the explosive growth of social networks and use that to exploit end users and their devices.

A recent article in SearchSecurity.com, “Hackers to sharpen malware, malicious software in 2010″, points to increasing sophistication in cybercriminals’ use of social networking sites. ( Read More… )

Please use the comment form and leave your thoughts!

Don’t miss the point of 60 Minutes grid security story – Cyber threats are real

Posted:  November 16, 2009 by Toney Jennings

In the wake of the 60 Minutes story there has been both a significant amount of attention given to the story online as well as expected complaints that the story was over hyped. The specific complaint was the citation by “prominent intelligence sources” that the Brazilian power outage was caused by cyber attacks. I even received some tweets dinging me for propagating the hype from my last post on the original 60 minutes story.

The complaint is that 60 Minutes didn’t do their homework and that there is no proof that the actual outage was caused by hackers. I won’t get dragged into that dispute here, but I would like to address the conclusion that some have made that hacking in general is overstated.

To those who work in the security industry and say that the cyber threat to both Government and private systems is over hyped, my answer is have they even been paying attention? Both foreign governments and organized online crime have been carrying out attacks with specific purposes with increasing frequency and the evidence is all around us. ( Read More… )

Most recent comment:   Grid security still in national spotlight – Obama declares December Critical Infrastructure Protection Month — CoreTrace WhiteSpace

[...] Opinions varied about the special itself, but the one thing people shouldn’t overlook is that cyber threats are real ...

60 Minutes highlights cyber threats to our power grid

Posted:  November 9, 2009 by Toney Jennings

If you missed it this weekend, I am including a link to the 60 Minutes special on cyber security this weekend as well as embedding the video below. The episode is a sobering look at the threats to not only to the systems that comprise our power grid, but it also sheds light on just how vulnerable we are as a nation to an online attack.

Watch CBS News Videos Online

The story begins with an interview of Admiral Mike McConnell, former chief of national intelligence, who has this to say:

“If I were an attacker and I wanted to do strategic damage to the United States, I would either take the cold of winter or the heat of summer, I probably would sack electric power on the U.S. East Cost, maybe the West Coast, and attempt to cause a cascading effect. All of those things are in the art of the possible from a sophisticated attacker,” McConnell explained.

“Do you believe our adversaries have the capability of bringing down a power grid?” Kroft asked.

“I do,” McConnell replied.

Asked if the U.S. is prepared for such an attack, McConnell told Kroft, “No. The United States is not prepared for such an attack.”

As someone who has worked in the computer industry for over 20 years, it is often easy to simply look at compliance requirements as a necessary evil that brings very little real value to business. In the case of regulations governing security on the Internet, like the North American Electric Reliability Corporation – Critical Infrastructure Protection (NERC-CIP) guidelines, their goal is nothing short of our National security.

In general, this was a very thorough piece that not only deals with grid security, but also highlights recent Internet based attacks and provides details of how important it is to defend all of our critical systems. If you have some time today this segment is certainly worth watching.

Most recent comment:   Egbert

Want some real power grid terror? Take a look at EMP. Excellent book is "One Second After."

Microsoft’s Windows 7 AppLocker, a watershed moment for application whitelisting

Posted:  November 5, 2009 by Toney Jennings

From WikiAnswers:

Q: What is a watershed moment?
A: A critical turning point.

Microsoft’s decision to include AppLocker, a technology for application whitelisting, in Windows 7 is no less than a critical turning point for the future of endpoint security. You might think it strange that the CEO of an application whitelisting company is saying such a thing about a free software offering that many might see as a competitor. Not so.

AppLocker is an incredibly important step forward toward the realization that application whitelisting is the future cornerstone of a sound endpoint security strategy. Today, Roger Grimes, product reviewer for InfoWorld, wrote reviews for the leaders in application whitelisting, including a comprehensive look at CoreTrace. The results are impressive. Roger writes: ( Read More… )

Please use the comment form and leave your thoughts!