September 24, 2014

Mike Rothman wrote about the post facto analysis game on the Securosis blog today (“Hindsight FTW”). And I think he got it right. In a nutshell, it’s easy to say now that Home Depot should...

Websites that contain personal information of users, such as login details and other data, are frequently targeted by hackers. Personal data is highly valuable in the black market for fraud purposes, theft, and other nefarious...

September 22, 2014

Late last week, there was an article in the Huff Post titled “The Big Lie Behind the Biggest Data Breaches” that prompted a great back-and-forth discussion Inside Imperva. The issue under debate is: Do companies...

September 04, 2014

Big Data Server Side JavaScript Injection

In Part #2 of this blog series, Mark Kraynak covered some of the application security risks that reside in Big Data implementations, and in follow-up, I’d like to address...

September 03, 2014

There’s a common--but dangerous--misconception out there that applications are secure when backed by Big Data technologies such as NoSQL databases. Wrong! Big data does not equal security. That’s why we’ve started blogging on the topic,...

August 27, 2014

Earlier in the week, I wrote about the opportunity cost changing the status quo for database auditing. Today, I’m writing about a different opportunity cost, this time for SaaS security. In the tradition of Scuba...

August 25, 2014

One of the most compelling arguments for a software vendor looking for customers is that by automating or streamlining a business process, the customer can save significant amounts of money. One of the most frustrating...

August 21, 2014

Ignoring app security for Big Data doesn’t make the problem go away. In Part #1 of this series, I talked about the need for third party monitoring and control for Big Data deployments and why...

August 20, 2014

Ahhh Vegas. Where things happen and stay, right? If you remember, we ran an exercise during the soccer world cup and we correlated final game matches to attack information. We had so much positive feedback...

August 11, 2014

History is repeating itself (but what else did you expect?) A depressingly true adage in the security industry goes something like this: “Security is an afterthought for every new IT fad.” It couldn’t be more...