Folks in California are so used to earthquakes that sometimes they barely notice when one happens. Folks in the security business are so busy and swamped with the noise of the market that we often miss tectonic shifts in our own world. Let me help you with that last one:
BREAKING NEWS: “Endpoint Security Earthquake Hits: McAfee Actively Endorses Application Whitelisting. Magnitude & Ramifications Are Significant.”
This week, McAfee, one of the two dominant forces in reactive, blacklist-based endpoint security, actively and unequivocally endorsed Application Whitelisting. Ironically, in hard coverage of Symantec’s recent problems with pcAnywhere, the industry is actively recommending application whitelisting too.
First, let’s cover the major quake: McAfee’s active endorsement of application whitelisting—for corporate desktops and laptops.
It is a PR disaster. A group of ‘hacktivists’ have somehow managed to attack your company website and changed your content (which is actively being displayed to the entire world). Your phone won’t stop ringing, and your mailbox just melted down. So many questions running through your mind: ‘What just happened?’, ‘Who did this?’, ‘How did they do this?’, and most importantly ‘How can I prevent this from happening again???’. It certainly doesn’t help that this has the highest level of visibility within your organization. It’s going to be a very long day.
Sadly, this scenario is now playing itself out more than ever. This is especially true with a loosely managed group of hacktivists that call themselves ‘Anonymous’. The list of companies affected by Anonymous is large enough to raise national media attention—which is not exactly where your company wants to have its name mentioned.
When it comes to virtualization security, there are many things that people don’t even know are problems, or don’t even know they need to address. In our recent webinar, “10 Things You Don’t Know about Virtualization Security”, IANS faculty member and Voodoo Security founder, Dave Shackleford, and CoreTrace’s CTO and founder, Dan Teal, provided their unique perspectives on things that often get left out of the picture when securing a virtual environment, and examples of how the scale of virtualization can blindside an organization before they even know what hit them.
Some of the issues they explored include:
1. You have more virtual systems than you know: Virtual sprawl is the ability to rapidly provision systems. However, it can also increase vulnerabilities such as unknown systems that aren’t properly patched or kept up with from a configuration or security standpoint. Understanding everything in your environment is a major problem in the virtual world. It’s really all about inventory, and keeping up with systems and making sure you’ve got change management in place.
We’ve always known how tenacious hackers are, working around the clock to infiltrate corporate networks. In June, we found out just how efficient they are. Mutating malware that bypasses security updates within hours and unconventional cyber attacks on seemingly secure networks have prompted the need for stronger endpoint defenses. For many, whitelisting is the answer. Here are some of the top endpoint security stories for June 2011.
As hackers get better at breaking into networks and compromising data, IT security experts continue to debate the best ways to defend their systems against highly targeted malware attacks. In the PCWorld article, “How to Stop Hack Attacks In One Easy Step: Whitelisting,” InfoSec pro Tony Bradley highlights some of the key differences between application whitelisting and traditional blacklist-based defenses. Let’s review those differences, but then I want to make the case for Total Application Control (TAC)–a blending of the best of both approaches.