CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

It’s pretty cool when your baby really ISN’T ugly…

You’ve all been there before. You’re having dinner with friends and out come the baby pictures. Inevitably, you are listening to a set of parents who are gushing about the fact that their child is the next Fabio or Christie Brinkley and THEN you see the picture…

Well, I find myself in the position today of being the doting parent. Only in this case, the “child” is a major overhaul of our flagship product, BOUNCER V6.0. With this new release the “child” has grown into an adult. You’ll have to pardon my metaphor here, but I believe building a product is, in many ways, like watching your kid grow up. With V6, we’re realizing the vision we developed for the product when I joined CoreTrace more than 3 years ago.

Application whitelisting: A perfect way to extend the life of Windows 2000 systems

On July 13, 2010, Microsoft ended its support of Windows 2000-based systems. This week, Gartner Analyst Neil MacDonald detailed the options available to organizations that may still be using Windows 2000:

  • Migrate to a newer and supported operating system
  • Pay Microsoft for a Custom Support Agreement (CSA), running $50,000 per quarter
  • Pay Microsoft for Custom Support Essentials (CSE), to receive critical security fixes
  • Continue using Windows 2000-based systems without new patches

For many organizations, the first three options are time-intensive and extremely expensive, but they feel concerned about running legacy systems without ongoing security patching. If your organization feels the need to continue to run Windows 2000, application whitelisting, such as our CoreTrace BOUNCER solution, may be exactly what your company needs.

Researcher suggests hackers have already infiltrated critical infrastructures

For organizations that run the nation’s most critical infrastructures, it’s important to understand that today’s targeted cyber attacks are designed to carry out any number of activities, ranging from monitoring network processes to bringing down the grid. Just because hackers haven’t carried out an attack doesn’t mean malware isn’t already resident in a system waiting for the most opportune time to launch.

In the article, “Attackers can take out critical infrastructure, but profit lies elsewhere, researcher says,” Jason Larson, a security researcher at the Idaho National Laboratory, said there’s plenty of evidence that hackers have already infiltrated control systems that run power generation plants, gas and oil refineries, and other chemical factories, but so far their activity is observational.

Latest Microsoft patch illustrates the dilemma and dangers of fire drill patching

This week I kicked off our Planet Antivirus challenge with a blog entry highlighting the top 5 failures of antivirus. My fifth point highlighted the fact that relying on antivirus results in a reliance on fire drill patching:

Relying on antivirus ties companies to fire drill software patching — The side effect of relying on antivirus to protect endpoints is that companies are now tied to reactive software application patching as well. Because we can’t trust our antivirus software to protect the endpoint, we also must remain constantly aware and vigilant about identifying and fixing vulnerabilities in our applications on the endpoint. The resulting combination of rushed patches and signatures is a significant drain on the human resources of an organization.

It’s rare that such a post has supporting evidence appear just days after it is published, but this week, that is exactly what happened. It was reported this week that a Windows XP security update resulted in the notorious Blue Screen of Death (BSOD), locking up many users’ Windows XP PCs. In the article, “Windows patch cripples XP with blue screen, users claim,” hundreds of Windows users expressed their frustrations on the company’s support forum throughout the week.

The top 5 failures of antivirus

I truly believe that 2010 is a turning point in endpoint security. The old antivirus model has reached the end of its practical usefulness and the disadvantages of an approach with a foundation of blacklisting far outweigh its benefits. Operation Aurora and the attacks against major online brands perfectly illustrate the failure of our old paradigm to protect endpoints.

Later this week, we are launching a fun (and funny) awareness campaign, called Planet Antivirus, highlighting the weaknesses of antivirus and focusing on the need to completely rethink our approach to how we defend endpoints. Today I am kicking this campaign off by highlighting the top five failures of antivirus technology: