36 posts from May 2009
May 29, 2009
 President Obama says the cyber threat is one of the most serious economic and national security challenges we face

We've been blogging for a while here on the Obama administration and cybersecurity.

It looks like he is in fact following through. In his remarks, President Obama said that cyberspace is one of the biggest threats to the economy and the military.

Obama goes on to cite a survey claiming that in the past two years alone cyber crime has cost Americans more than $8 billion, and notes that he has personally had his privacy violated by cyber criminals. He also frames this as an issue of remaining competitive in a global economy and protecting sensitive information from...

"the disgruntled employee on the inside, the lone hacker a thousand miles away, organized crime, the industrial spy and, increasingly, foreign intelligence services. It's been estimated that last year alone cyber criminals stole intellectual property from businesses worldwide worth up to $1 trillion. In short, America's economic prosperity in the 21st century will depend on cybersecurity. For all these reasons, it's now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation."

President Obama restated a line from earlier speeches in his administration: our digital infrastructure will be treated as a strategic national asset. He highlighted five key areas of focus and responsibility for this new initiative.

  1. Develop a comprehensive strategy
  2. Unified approach bringing together federal, state and local government as well as private sector
  3. Collaborate with and strengthen public/private partnerships
  4. Continued investment in research and development
  5. Embark on a national campaign of cybersecurity awareness and digital literacy

Unlike the "cyber czars" of past administrations, the one under the Obama administration looks set to have greater support from the President and a more clearly defined strategy.


May 28, 2009
 Web Application Parameter Tampering Demonstration Video
This is a continuation of our series of educational video demonstrations of Web application attacks. This video focuses on parameter tampering: modifying values the application sends to the browser (hidden form fields, cookies, URL query parameters, prices, account identifiers) and submitting them back so the server acts on attacker-chosen data. The definition can be found in the Imperva ADC Glossary here.
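To make the attack concrete, here is an added example that is not from the video or from Imperva: a toy checkout handler that trusts a client-supplied price, next to a hardened version that re-derives the price server-side and, where state must round-trip through the client, signs it with an HMAC. The catalogue, signing key and request dictionaries are constructed for illustration.

```python
"""Parameter tampering: trusting client-supplied values the server already knows.

Added example, not from the original post or Imperva. The catalogue, secret
key and request dictionaries below are constructed for illustration.
"""
import hashlib
import hmac

# Constructed server-side catalogue (item id -> unit price in cents).
CATALOGUE = {"sku-100": 4999, "sku-200": 1999}

# Constructed signing key; in practice load it from a secret store.
SECRET_KEY = b"example-only-key"


def checkout_vulnerable(form: dict) -> int:
    """Trusts the 'price' field the browser sent (e.g. from a hidden input).

    An attacker edits the POST body so price=1 and pays one cent per item.
    """
    qty = int(form["qty"])
    price = int(form["price"])  # attacker-controlled
    return qty * price


def checkout_hardened(form: dict) -> int:
    """Ignores any client-supplied price and re-derives it from the catalogue."""
    sku = form["sku"]
    if sku not in CATALOGUE:
        raise ValueError("unknown item")
    qty = int(form["qty"])
    if not 1 <= qty <= 100:
        raise ValueError("quantity out of range")
    return qty * CATALOGUE[sku]


# Sometimes state really must round-trip through the client (a multi-step
# wizard, for example). Then sign it so any tampering is detectable.
def sign_state(state: str) -> str:
    mac = hmac.new(SECRET_KEY, state.encode(), hashlib.sha256).hexdigest()
    return f"{state}.{mac}"


def verify_state(token: str) -> str:
    state, _, mac = token.rpartition(".")
    expected = hmac.new(SECRET_KEY, state.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("state tampered with")
    return state


if __name__ == "__main__":
    tampered = {"sku": "sku-100", "qty": "2", "price": "1"}
    print(checkout_vulnerable(tampered))  # 2: attacker pays two cents
    print(checkout_hardened(tampered))    # 9998: price re-derived server side
    token = sign_state("sku-100|qty=2")
    print(verify_state(token))
    try:
        verify_state(token.replace("qty=2", "qty=200"))
    except ValueError as err:
        print("rejected:", err)
```

The design point is that anything the browser can see, it can change; the only values a server should act on are those it can recompute itself or verify cryptographically.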


May 27, 2009
 New and Unique: Local Activity Blocking and User Quarantine
Today we announced new capabilities to detect and mitigate insider abuse. They are available immediately with SecureSphere Data Security Suite and SecureSphere Database Firewall:

"In addition to its existing network-based monitoring and blocking of unauthorized activity by trusted insiders, SecureSphere can now terminate local user activity and quarantine user accounts in the event of a security policy violation. This extends Imperva's unmatched database protection to a full 360 degrees."

We introduced two components, integrated with each other, to provide protection and remediation in cases of privilege abuse. Solutions based on native auditing or passive log collection alone cannot address the need for local protection.

Local Lockdown
SecureSphere can terminate unauthorized activity by privileged users even when these operations take place directly on protected servers or when access to the DBMS servers is performed in a way that is not visible to SecureSphere. 



 66 Federal Credit Union Case Study
If you have a subscription to this week's issue of Credit Union Journal (registration required), you can read how SecureSphere is used to address cyber security at 66 FCU.

Online crooks wielding SQL-injections have become more interested in 66 FCU as it works to expand its website business, with features such as membership enrollment.
"We're also seeing a lot of bot scans," in addition to SQL-injection attempts, said Clint Brown, programmer at the $400-million CU. "People are phishing to see where we as programmers have put down our guard."


 Transcript for Data Security Podcast with Richard Stiennon - Former Gartner Analyst, Available for Download

Listen to the Podcast here or directly through iTunes. Download the Transcript here.

Brian Contos: Joining us today is Richard Stiennon, security expert and industry analyst who is known for shaking up the industry and providing actual guidance to vendors and end users. He recently re-launched the security blog, Threat Chaos, and is the founder of IT-Harvest, an independent analyst firm that researches 1200 IT security vendors.

Richard has held positions as chief marketing officer at Fortinet, VP of research at Webroot Software, and VP of research at Gartner.

Welcome to the podcast, Richard!

Richard Stiennon:  Hey, Brian, good to be talking to you again.

Brian Contos:  Before we get started, a little bird told me that you might have a book in your future.

Richard Stiennon:  Yeah. I've been talking and blogging and writing about cyberwar for so long that I accumulated a bunch of stories. And then last year, I was up in Halifax and some guys were doing a freelance report on cyber hacking, and they got me in front of a camera. They said it was just for a couple of statements, but they had me there for about an hour and when they were done they said, "Man, have you written a book on this?" and that was the seed of the idea. So, it's been a year since then, and obviously a lot of developments. Since then, the Pentagon was owned by the Chinese, the German Chancellery was owned by the Chinese; we've had skirmishes between Russia and Estonia, Russia and Georgia, Hamas and Israel; so there's a ton there. So, yeah, that's got me going for my next big project.

Brian Contos:  What a timely subject. I'm looking forward to it. What we're here to talk about today is data centric security, or data security. There are lots of ways to really address it, but when I say that term, what does that mean to you? You've been around the industry for so long, all these buzzwords and terms, when you hear "data security" what do you think of?




 The Blood and Guts of Biometric Systems
TechNewsWorld just came out with an article about biometrics that is a pretty interesting read, and I'm not just saying that because they quoted me a couple of times. It is clear that the convergence of physical and logical security is here: whether through biometric readers, common access cards (CAC), RFID, or video analytic systems, physical security is becoming more integrated with, and more dependent on, logical systems such as network gear, databases and applications.



 NIST Cloud Computing Website

Computer scientists at NIST developed a working-draft definition of cloud computing in collaboration with industry (Imperva included) and government. 

NIST will use the definitions as the foundation for a special publication that will cover cloud architectures, security, and deployment strategies for the federal government. Comments on the definition can be sent to the email address: "cloud" at "nist" with a dot "gov" at the end.

You can also find our feedback on the Federal Cloud RFI here.


May 26, 2009
 Agilent Technologies Leverages Imperva for Application and Database Security - Podcast and Case Study
Learn how Agilent Technologies, the world's premier measurement company, is using Imperva SecureSphere to address their strategic security and compliance needs. By addressing Web applications and databases in tandem, Agilent is able to better mitigate risks and satisfy audit requirements. 

"We don't just view Imperva SecureSphere as a technology solution, we see it as an integrated and indispensable part of our daily security and compliance processes and long term strategy," says Chad Lorenc of Agilent Technologies.

On this episode of the Imperva Security Podcast, Chad Lorenc of Agilent is interviewed. As an Imperva customer with a vast and complex infrastructure, Agilent has stepped up in a big way to meet the demands of application and database security as well as regulations such as Sarbanes-Oxley. Chad discusses how the Imperva SecureSphere solutions helped Agilent discover critical assets, monitor their operation, and provide an ongoing strategic resource for its data security initiatives.


 VISA: Implement a Web Application Firewall.

Visa issues Data Security Alerts when emerging vulnerabilities are identified in the marketplace, or as a reminder about best practices. The Visa Data Security Alert from October 2008 (pdf) focused on SQL injection attacks:

".....A review of recent data security breaches suggests Structured Query Language (SQL) injection attacks on e-commerce Web sites and Web-based applications that manage card accounts (e.g., PIN updates, monetary additions, account holder updates) have become more prevalent...... These latest SQL injection attacks pose serious additional risks to cardholder data stored or transmitted within systems (e.g., Microsoft and UNIX-based) and networks connected to the affected environment."

To minimize the possibility of an SQL injection attack and mitigate the risk of a data compromise, Visa provided 10 recommendations that merchants, issuers, acquirers, processors and agents should follow.

One of those recommendations is simple and straightforward: implement a web application firewall (WAF).

I could not agree more.
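For readers who have not seen the attack the alert describes, here is an added example (not from the Visa alert, and not Imperva code): a card-account lookup built by string concatenation, the same lookup with a bound parameter, and a deliberately crude signature check of the kind a WAF applies in front of the application. The table, rows, attack string and regular expression are constructed for illustration; a real WAF such as SecureSphere does far more than this regex.

```python
"""SQL injection against a card-account lookup, and two controls that stop it.

Added example, not from the Visa alert or the original post. The table, rows,
attack string and signature below are constructed for illustration.
"""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for a card-account store."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE accounts (holder TEXT, pan_last4 TEXT, email TEXT)")
    con.executemany(
        "INSERT INTO accounts VALUES (?, ?, ?)",
        [("alice", "4242", "alice@example.com"),
         ("bob", "1111", "bob@example.com")],
    )
    return con


def lookup_vulnerable(con: sqlite3.Connection, holder: str) -> list:
    """String-concatenated query: the attacker's input is parsed as SQL."""
    sql = f"SELECT holder, email FROM accounts WHERE holder = '{holder}'"
    return con.execute(sql).fetchall()


def lookup_parameterized(con: sqlite3.Connection, holder: str) -> list:
    """Bound parameter: the input stays data and is never parsed as SQL."""
    return con.execute(
        "SELECT holder, email FROM accounts WHERE holder = ?", (holder,)
    ).fetchall()


# Crude WAF-style signature (constructed): catches the classic tautology,
# comment and stacked-query forms. Real products parse SQL rather than
# pattern-match it, but the placement is the point: in front of the app.
SQLI_SIGNATURE = re.compile(
    r"(?i)('\s*(or|and)\s+[\w']+\s*=\s*[\w']+|--|union\s+select|;\s*drop\b)"
)


def waf_blocks(value: str) -> bool:
    """True if the request value trips the signature and should be dropped."""
    return SQLI_SIGNATURE.search(value) is not None


if __name__ == "__main__":
    con = make_db()
    attack = "x' OR '1'='1"
    print(lookup_vulnerable(con, attack))     # both rows leak
    print(lookup_parameterized(con, attack))  # []
    print(waf_blocks(attack), waf_blocks("alice"))  # True False
```

The parameterized query is the fix at the code level; the WAF is the compensating control that protects the applications you cannot fix today, which is why the alert lists both.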


 Playboy Says to Look Out for Malicious Insiders

Since I've been in security, I can't remember a time when "insiders", malicious, careless or otherwise, weren't a hot topic of conversation. Heck, I even wrote a book about it. My family tells me it's just the right size for propping open the garage door.

<Start Psychoanalysis>

Most malicious insiders are driven by monetary gain - either need or greed.  Even individuals that wouldn't consider doing something illegal will when given the appropriate trigger such as a professional, personal, or financial crisis. There must also be opportunity to commit the crime and the criminal must overcome natural inhibitions to criminal behavior such as loyalty or friendships. Psychology plays a role too and character weaknesses can manifest in antisocial tendencies or in narcissism that can lead to malicious behavior.

</End Psychoanalysis>

Since the economy tanked and the financials went under, stats have been flowing as freely as champagne in the grotto about how bad things are and are going to get, especially around how likely it is that an employee would steal from their employer (or former employer). Vendor studies give us stats, as do analysts and trade journals, but it isn't until more mainstream media picks it up that we pay closer attention. Enter the May 2009 issue of Playboy.

According to Playboy, "58% of surveyed Wall Street workers say they would steal company data and take it with them if they were being laid off and thought they wouldn't be caught."

There you have it; if you can't trust stats from Playboy, then who can you?



