IDS: Vitamins Or Prophylactic?
Ravi Char commented on Alan Shimel's blog titled "IDS – The Beast That Just Won't Die." Ravi makes a number of interesting comments in his blog titled "IDS/IPS – is it Vitamins?" I'd like to address...
View ArticleCloud Providers and Security “Edge” Services – Where’s The Beef?
Previously I wrote a post titled “Oh Great Security Spirit In the Cloud: Have You Seen My WAF, IPS, IDS, Firewall…” in which I described the challenges for enterprises moving applications and services...
View ArticleTo Achieve True Cloud (X/Z)en, One Must Leverage Introspection
Back in October 2008, I wrote a post detailing efforts around the Xen community to create a standard security introspection API (Xen.Org Launches Community Project To Bring VM Introspection to Xen The...
View ArticleThe Security Hamster Sine Wave Of Pain: Public Cloud & The Return To...
Image via Wikipedia This is a revisitation of a blog I wrote last year: Incomplete Thought: Cloud Security IS Host-Based…At The Moment I use my ‘Security Hamster Sine Wave of Pain” to illustrate the...
View ArticleIncomplete Thought: Why Security Doesn’t Scale…Yet.
Image via Wikipedia There are lots of reasons one might use to illustrate why operationalizing security — both from the human and technology perspectives — doesn’t scale. I’ve painted numerous...
View ArticleWhy Steeling Your Security Is Less Stainless and More Irony…
(I originally pre-pended to this post a lengthy update based on my findings and incident response, but per a suggestion from @jeremiahg, I’ve created a separate post here for clarity) Earlier today I...
View ArticleElemental: Leveraging Virtualization Technology For More Resilient &...
Yesterday saw the successful launch of Bromium at Gigamon’s Structure conference in San Francisco. I was privileged to spend some stage time with Stacey Higginbotham and Simon Crosby (co-founder, CTO,...
View ArticleSix Degress Of Desperation: When Defense Becomes Offense…
English: Defensive and offensive lines in American football (Photo credit: Wikipedia) One cannot swing a dead cat without bumping into at least one expose in the mainstream media regarding how various...
View ArticleIncomplete Thought: In-Line Security Devices & the Fallacies Of Block Mode
The results of a long-running series of extremely scientific studies has produced a Metric Crapload™ of anecdata. Namely, hundreds of detailed discussions (read: lots of booze and whining) over the...
View ArticleThe Curious Case Of Continuous and Consistently Contiguous Crypto…
Here’s an interesting resurgence of a security architecture and an operational deployment model that is making a comeback: Requiring VPN tunneled and MITM’d access to any resource, internal or...
View Article
More Pages to Explore .....