Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Blogs from Security Journal
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizan...
"Calligo is a cloud service provider with data privacy at the heart of what we do. We are a typical Infrastructure as a Service cloud provider but it's been designed around data privacy," explained Julian Box, CEO and co-founder of Calligo, in this SYS-CON.tv interview at 21st Cloud Ex...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart de...
Most of us already know that adopting new cloud applications can boost a business’s productivity by enabling organizations to be more agile and ready to change course in our fast-moving and connected digital world. But the rapid adoption of cloud apps and services also brings with it p...
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were ...
Almost every single day-I talk to people who are planning to move their organization's data to the cloud. What's more, this cloud excitement is vertical-agnostic. It's hard to find an industry that isn't thinking about cloud migration. Cisco predicts that, by 2021, 94% of global data c...
Transformation Abstract Encryption and privacy in the cloud is a daunting yet essential task for both security practitioners and application developers, especially as applications continue moving to the cloud at an exponential rate. What are some best practices and processes for enterp...
"Suddenly a lot of companies started focusing on producing services in the cloud. I like to call it Cloud Native - everything is built for the cloud. The main concept there is to enable developers to work fast," explained Ben Bernstein, CEO & Co-Founder of Twistlock, in this SYS-CON.tv...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Data ...
Digital Initiatives create new ways of conducting business, which drive the need for increasingly advanced security and regulatory compliance challenges with exponentially more damaging consequences. In the BMC and Forbes Insights Survey in 2016, 97% of executives said they expect a ri...
"A lot of times people will come to us and have a very diverse set of requirements or very customized need and we'll help them to implement it in a fashion that you can't just buy off of the shelf," explained Nick Rose, CTO of Enzu, in this SYS-CON.tv interview at 18th Cloud Expo, held...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and be...
"We are an IT services solution provider and we sell software to support those solutions. Our focus and key areas are around security, enterprise monitoring, and continuous delivery optimization," noted John Balsavage, President of A&I Solutions, in this SYS-CON.tv interview at 20th Cl...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always loo...
"Venafi has a platform that allows you to manage, centralize and automate the complete life cycle of keys and certificates within the organization," explained Gina Osmond, Sr. Field Marketing Manager at Venafi, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @Thing...
"We view the cloud not as a specific technology but as a way of doing business and that way of doing business is transforming the way software, infrastructure and services are being delivered to business," explained Matthew Rosen, CEO and Director at Fusion, in this SYS-CON.tv intervie...
"We're here to tell the world about our cloud-scale infrastructure that we have at Juniper combined with the world-class security that we put into the cloud," explained Lisa Guess, VP of Systems Engineering at Juniper Networks, in this SYS-CON.tv interview at 20th Cloud Expo, held June...
SYS-CON Events announced today that Vivint to exhibit at SYS-CON's 21st Cloud Expo, which will take place on October 31 through November 2nd 2017 at the Santa Clara Convention Center in Santa Clara, California. As a leading smart home technology provider, Vivint offers home security, e...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they responded to were some very unique security capabilities that we have," explained Mark Figley, Director of LinuxONE Offerings at IBM, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct ...
In 2018, the shifting emphasis to IoT, Artificial Intelligence (AI), virtual reality (VR) and automation seem to overshadow cloud; yet, I believe it is just the opposite. A recently published industry survey shows that by 2020, the use of public cloud will grow dramatically. Business...
In this Lightboard Post of the Week, I answer a question about 2FA and SSO with AD/RSA on BIG-IP by creating a SSO Credential Mapping policy agent in the Visual Policy Editor, that takes the username and password from the logon page, and maps them to variables to be used for SSO servic...
If you missed our initial issue of the DC Chronicles, check it out here. The Chronicles are intended to keep you updated on DevCentral happenings and highlight some of the cool articles you may have missed over the last month. Welcome. First up, 2018 will be the year that we publicly o...
Today, let’s take a look at Application Connector. Application Connector connects public clouds to your application service infrastructure within cloud interconnects or data centers. This enables the use of public cloud resources as part of your compute infrastructure while also perfor...
A few years ago – in the early days of Blockchain – a lot of people were taken with the idea of a multifunctional chain on which all transactions could be handled. After Ethereum was launched in 2014, its advocates were talking themselves hoarse about the transformative opportunities t...
2017 was the year of ransomware. Ransomware has been around for years, but the victims were typically non-technical consumers: the impact, although serious from the victim's perspective, was limited. In 2017 we've seen huge ransomware attacks close down hospitals and businesses, puttin...
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2017 entries. If you missed any of the 64 attempts including 16 videos, here they are wrapped in one simple entry. I read somewhere ...
In this Lightboard Post of the Week, I answer a few questions about SSL/https on Virtual Servers. BIG-IP being a default deny, full proxy device, it’s important to configure specific ports, like 443, to accept https traffic along with client and server side profiles and include y...
The rule of thumb for network security today is that there is no perimeter anymore. An outsider can easily become an insider once perimeter security is breached. Every day, attackers find new ways to breach enterprise perimeter security through ransomware, malware or phishing through s...
These days, no matter what task you’re trying to accomplish within your online properties, chances are there’s at least one cloud solution that provides it. However, with so much of our personal and business data living now online, there’s perhaps no functionality more important than c...
Thinking of taking the F5 Certified 101 or 201 exams but not sure if you are ready? Ease the anxiety by taking a F5 Practice Exam! That’s what I did, and it sure helped. If you remember, back in August I attempted the 201-TMOS Administrator exam and successfully failed, missing by a fe...
DevOps is not just a hot topic for Development and Operations teams: it brings huge benefits to everyone in the software delivery pipeline—including security. That’s because DevOps, and more specifically DevOps Management tools, helps to prevent security vulnerabilities in the delivery...
Targeted attacks on the network of a business can be big trouble. A business should know where to look and what to look for to stop the attacks. Businesses are aware of the dangers of hackers. They know that a hacker can steal private information that hey store on their computer netwo...
With the release of the new 2017 Edition of the OWASP Top 10, we wanted to give a quick rundown of how BIG-IP ASM can mitigate these vulnerabilities. First, here’s how the 2013 edition compares to 2017. And how BIG-IP ASM mitigates the vulnerabilities. Vulnerability BIG-IP ASM Co...
When we prepare for our Featured Member series, I typically send out a questionnaire and the DevCentral member writes out their answers. With the opening question I’ll do a bit of editing and use that for the intro. This month however, airloom’s Kevin Davies did such a grea...
In this Lightboard Post of the Week, I light up the answer to a question about BIG-IP APM Policy Sync. Posted Question on DevCentral: https://devcentral.f5.com/questions/apm-policy-sync-56330 Thanks to DevCentral user Murali (@MuraliGopalaRao) for the question and special thanks to Leo...
Today, let’s look at a couple ways to mitigate an application DDoS attack with BIG-IP ASM. We’ve logged into a BIG-IP ASM and navigated to Security>DDoS Protection>DDoS Profiles. In the General Settings of Application Security, we’ll activate an application DoS iRule event. We’...
Keeping your enterprise data safe and secure is more important now than it ever has been. IT has always been an ever-changing industry, but in recent years, it has been changing more and more quickly. Now, thanks to the cloud, big data, and mobile devices all expanding at once, it may ...
Networks have become large, complex entities that are increasingly difficult to manage and control. Security, audit, risk and compliance professionals know that their organizations rely on them for effective risk management, control and governance processes that are essential to the sa...
BIG-IP provides Local Traffic Policies that simplify the way in which you can manage traffic associated with a virtual server. You can associate a BIG-IP local traffic policy to support selective compression for types of content that can benefit from compression, like HTML, XML, and CS...