Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from Security Journal
IBM has announced software that allows people to hide or anonymize their personal information on the Web, ensuring protection from identity theft and other misuse. Developed by researchers at IBM's laboratory in Zurich, Switzerland, the software – called Identity Mixer – will enable co...
Vormetric on Wednesday announced the results of its 2015 Insider Threat Report (ITR), conducted online on their behalf by Harris Poll and in conjunction with analyst firm Ovum in fall 2014 among 818 IT decision makers in various countries, including 408 in the United States. The report...
Simply by having access, privileged users may unwittingly put data at risk – or be used by an outside actor as a conduit for siphoning data. Unsurprisingly, privileged accounts are very attractive targets for attackers seeking to leverage access privileges for their own nefarious purpo...
SYS-CON Media announced that Centrify, a provider of unified identity management across cloud, mobile and data center environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT, has launched an ad campaign on Cloud Computing Journal. The ...
VASCO Data Security International, Inc., announced on Wednesday that The Bank of Tokyo-Mitsubishi UFJ, Ltd. (BTMU) has implemented VASCO's two-factor authentication solutions to protect retail banking customers accessing the bank's online banking services. DIGIPASS for Mobile for smar...
The Internet of Things needs an entirely new security model, or does it? Can we save some old and tested controls for the latest emerging and different technology environments? In his session at Internet of @ThingsExpo, Davi Ottenheimer, EMC Senior Director of Trust, will review hands-...
Every organization should follow a proactive rather than a reactive approach to protect against threats, risks, and vulnerabilities to which if their IT infrastructure is exposed can lead to data loss, regulatory penalties, lawsuits, and damaged reputation. Moving on the same lines, to...
By Wayne Ariola, Parasoft Chief Strategy Officer From the point of view of a developer or tester, the dependent architect...
In a recent webinar, Porticor’s AWS cloud security experts took on the security challenges companies face when migrating to AWS (and other IaaS clouds) and offered alternatives that enable IT Directors to take advantage of the cloud, while maintaining control of their data and its secu...
Editor’s note: This post by Invincea CEO Anup Ghosh first appeared at LinkedIn. We knew this would be of interest to you and posted it here with the author’s permission.-bg I’ll say it up front, your security program does not work because it is based on three common m...
UPDATE (9/28/2014): Our security team indicates that we're now seeing the majority of attempted exploits of Shellshock coming in through input paramters. They've provided ASM signatures to mitigate and recommend customers use these signatures to protect their applications. You ...
For retailers everywhere, it’s a challenging new day. Security threats are a constant – both inside their four walls and out. The big security breaches we hear about on the news; the smaller ones sometimes not. But their impact remains costly to us all. The need for mobility, rapidly e...
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable f...
What do a firewall and a fortress have in common? They are no longer strong enough to protect the valuables housed inside. Like the walls of an old fortress, the cracks in the firewall are allowing the bad guys to slip in – unannounced and unnoticed. By the time these thieves get in, t...
"Big data" gets all the press - but for the vast majority of people who work with data, it's the proliferation of "little data" that impacts us the most. What do I mean by little data? I'm referring to the proliferation of various SaaS and Cloud-based applications, on-premises applica...
JP Morgan Chase has announced that in June and July of this year over 76 million retail clients and over 7 million business clients had there personal information stolen from various company websites. The sites identified were: Chase.com, JPMorganOnline, Chase Mobile and JPMorgan Mobil...
The move to the cloud brings a number of new security challenges, but the application remains your last line of defense. In his session at 15th Cloud Expo, Arthur Hicken, Evangelist at Parasoft, to discuss how developers are extremely well-poised to perform tasks critical for securin...
The keys to the digital kingdom are credentials. In no industry is this more true (and ultimately more damaging) than financial services. The sophistication of the attacks used to gather those credentials and thwart the increasingly complex authentication process that guards financial ...
The key to securing your mobility is to understand how it is being used in your environment and what is potentially at risk. Taking stock of the mobile devices, applications and traffic in your network is critical to identifying how your data and resources are potentially vulnerable. ...
Cloud and Big Data present unique dilemmas: embracing the benefits of these new technologies while maintaining the security of your organization's assets. When an outside party owns, controls and manages your infrastructure and computational resources, how can you be assured that sensi...
The cloud is expanding. More applications are being run online. More data is being stored online. More businesses are relying on public, private, and hybrid clouds for their apps, records, and backups. And more hackers are taking advantage. Why Security Breaches Happen in the Cloud Hac...
According to Gartner, Big Data refers to "high volume, high velocity, and/or high variety information assets” – and, this is the key – “that require new forms of processing to enable enhanced decision making, insight discovery and process optimization." While Big Data may seem like an ...
The promise of easy, rapid, and low-cost deployment is luring increasing numbers to the cloud. Is security the only remaining obstacle to total domination by the cloud? In his session at 14th Cloud Expo, John Gunn, VP of Corporate Communications for VASCO Data Security, will examine ho...
This Lab Validation report from Enterprise Strategy Group (ESG) provides you with best practices to create an environment that offers you simple unified data protection across physical and virtual landscapes, maximum protection and data availability, and reduced storage needs and opera...
BlueBox bridge the chasm between development and infrastructure. Hosting providers are taking standardization and automation too far. For many app developers it does nothing but spawn mayhem and more work. They have to figure out how their creations live on a pre-fab infrastructure sol...
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet ri...
The Internet of Things needs an entirely new security model, or does it? Can we save some old and tested controls for the latest emerging and different technology environments? In his session at Internet of @ThingsExpo, Davi Ottenheimer, EMC Senior Director of Trust, will review hands-...
IDenticard Access Control is a leading manufacturer of integrated access control solutions to protect employees, visitors, and facilities. Owned by Brady Corporation (NYSE:BRC), a $1.15 billion manufacturer of identification products, IDenticard Access Control draws on its 30 years of ...
Today's datacenters face a gauntlet of challenges including protection of physical and virtual environments, fast recovery of data, reducing backup times and storage requirements, server consolidation, and disaster recovery. How are savvy CIOs conquering these types of challenges? Find...
The Open Web Application Security Project (OWASP) is focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks and their OWASP Top 10 ...
In a Feb 2014 survey, 94 percent of organizations surveyed reported running applications or experimenting with infrastructure-as-a-service[1]. According to research firm Nasumi, there is over one exabyte currently stored in the cloud. An exabyte is over a billion GB[2]. Considering the...
The Internet of Things (IoT) is rapidly in the process of breaking from its heretofore relatively obscure enterprise applications (such as plant floor control and supply chain management) and going mainstream into the consumer space. More and more creative folks are interconnecting eve...
Security professionals are constantly negotiating the tension of balancing ease-of-use with data security. Savvy security professionals know that their users will often choose a less secure technology that makes getting things done easier over a more secure technology that makes gettin...
Achieving the ultimate ‘Five Nines’ of web site availability (around 5 minutes of downtime a year) has been a goal of many organizations since the beginning of the internet era. There are several ways to accomplish this but essentially a few principles apply. Web applications come in ...
From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises - and delivering real results. In this DevOps Summit Power Panel (http://DevOpsSummit.SYS-CON.com/) on June 9 at our ...
Many mid-market companies have invested significant time and resources to secure and back up their servers, client computers, data, and overall network infrastructure in what was the traditional client-server setup. Now, what were considered emerging technologies just a few years ago, ...
It feels as if we can’t even go a week anymore without hearing about a new breach or outage. For years, IT departments were always on stand-by should the unimaginable happen and were judged by how quickly they could curb a bad situation. These days, however, it’s not good enough to fix...
Encryption is a key element of a complete security strategy. The 2013 Global Encryption Trends Study shows a steady increase in the use of encryption solutions over the past nine years. Thirty-five percent of organizations now have an encryption strategy applied consistently across the...
This independent report from Info-Tech evaluates and scores 14 companies in the Virtual Machine Backup market. It can help you understand what's new in the virtual backup market, evaluate virtual backup vendors and products for your needs and determine which products are most appropria...
Ramesh Kesanupalli is the Founder of Nok Nok Labs and a Founding Member of FIDO Alliance. SecuritySolutionsWatch.com: Thank you for joining us today, Ramesh. It’s an honor to speak with the founder of Nok Nok Labs and the visionary behind the creation of the FIDO Alliance. Before we d...