Interop is promoted as a technology conference and traditionally has covered a range of interoperability topics, from core infrastructure up to applications. The conference also provides attendees with information on current security trends. This year, keynotes spoke broadly of BYOD, cloud computing, the desire for options and in general, the importance of flexibility during change.
As socially engineered malware (SEM) becomes more and more complex, endpoint protection (EPP) products increasingly depend on cloud-based reputation systems to protect users. Both Internet Explorer and Chrome use cloud-based reputation systems to protect users from SEM. Application reputation technologies are ubiquitous among EPP products, and EPP products collect significantly more telemetry data from their user base than do browsers. Application reputation technologies by definition are much more proactive than blacklisting techniques – if they are well designed.
Incident response (IR) is a key process designed to provide context, priority, and ultimately, closure for the events associated with an attack. When enterprise defenses falter, an IR process should give the information security (IS) team enough information to efficiently clean up the mess from a breach. A good IR process reveals the attackers and their motives; a great IR process will consistently prevent serious damage while efficiently conserving enterprise time and resources.
Following publication of our new breach detection systems (BDS) test results, FireEye responded somewhat forcefully in a blog post by Manish Gupta.
Not everyone can end up in the top right quadrant of the NSS Labs Security Value Map™ (SVM), so it is not unusual for someone to be unhappy. It is, however, unusual for someone to behave the way FireEye did in this instance. Normally we would not respond to such attacks, but there are a number of untruths and misdirections in their blog post that we feel we must address.
If you read the blog Hull Breach Detected. Deck 3 Sealed Off. Damage Unknown. (subtitled “You Can Learn a Lot About Enterprise Security from Star Trek”), then you have returned for the answers to the trivia question. If you did not read the blog, then this is your spoiler alert: read that blog first.
Within the past decade, massive data breaches have become more frequent and the number of records that are lost has increased. Data breaches of US companies alone exposed more than 500 million records in 2013. However, users that share the same password on different services are just the tip of the iceberg regarding the consequences of data breaches. For authentication, users typically rely on only a small number of unique personal information attributes. These same information attributes are used in several places and inevitably are lost, in large numbers, during data breaches.
You Can Learn a Lot about Enterprise Security from Star Trek
“Security: The final frontier. These are the voyages of the modern enterprise, its unending mission to explore strange new attack vectors, to seek out new network anomalies and new defenses. To boldly secure where no NGFW has secured before.”
Samsung is a powerhouse. Driven by an endless list of new technology and features, it has consistently dominated the consumer electronics market. Where once it was no more than a footnote in the mobile industry, Samsung is now the number one player (by volume) for smartphones. Particularly impressive about Samsung’s success in the mobile device market is the fact that it has built its business on Google’s Android software.
If you haven’t heard, there is a shortage of mobile app developers. Not surprising really, given the monster growth in mobile apps being developed and deployed. Reasonable market estimates for the number of mobile apps downloaded in 2013 run as high as 100 billion. It’s hard to find enough talent to write that many apps.