Vice President, Cloud Research
[Originally presented at the Gartner Security & Risk Management Summit 2018, “Security In A DevOps World” examines the challenges and benefits of integrating security technology and thinking into the development process at the early stages. The slides are designed to assist in the presentation of the material but they also might come in handy as a…
Read More
Drupal is the latest platform to issue an emergency patch for a critical vulnerability. The issue (CVE-2018-7600) allows an attacker to execute code remotely with little effort. That’s bad. The Drupal team has been quick to respond and has already issued a patch and a mitigation for users unable to immediately patch. In addition to…
Read More
Editors Node: Over time the Deep Security API has evolved making this workflow trivial using the APIs. Therefore the integration code has been retired and instructions on how to replicate the workflow are available in the Deep Security Automation Center. We’re thrilled to be continuing our long-running partnership with AWS with several new announcements designed…
Read More
This week 40,000 people are going to gather in Las Vegas for the biggest event in cloud, AWS re:Invent 2017. This is a fantastic event jam packed with opportunities to meet members of the community, learn about great new services from AWS, and have a blast. I’ve already written about how to get the most…
Read More
Uber is a company that is embattled on all fronts. From a very public power struggle to labour issues to regulatory challenges to a reportedly toxic culture, Uber sits in a precarious position. Yesterday, a new strike against the company came to light. In October 2016, Uber was hacked resulting in the exposure of 57…
Read More
The need for more technologists with cybersecurity skills is undeniable. That may be an awkward way to phrase it, but it’s a better representation that “cybersecurity professionals.” In today’s world, everyone who works on and with technology needs to be aware of cybersecurity challenges. This week as part of National Cyber Security Awareness Month (NCSAM),…
Read More
UPDATE: Please note we’ve provided a follow-up to this blog post here after more information regarding this breach was released.” Equifax announced a massive breach that could impact at least 143 million US consumers. That’s 44 percent of the US population. This breach will have a significant impact on a lot of people. Companies in…
Read More
Responsible disclosure is a critical process in the security community. It’s the way for security researchers and vendors to work together in order to improve system security for users. We see the opposite of this process in the digital underground. Cybercriminals often sell exploits and malicious tools for profit. The ShadowBrokers—infamous for the leak of…
Read More
The future is cloud. At this point in it’s evolution it’s undeniable. The questions facing organizations now are “how much?” and “how fast?” How do you map out a reasonable path to a cloud deployment? Few organizations will be 100 percent cloud and most will take years to migrate existing assets from their on-premises environments….
Read More
Editors Node: Over time the Deep Security API has evolved making this workflow trivial using the APIs. Therefore the integration code has been retired and instructions on how to replicate the workflow are available in the Deep Security Automation Center. Amazon S3 stores trillions of objects and regularly peaks at millions of requests per second….
Read More
