January 28, 2015

Yesterday, Qualys researchers made public a buffer overflow vulnerability in a component of the glibc library. At this time, there is no known exploitation vector for most popular applications (http://seclists.org/oss-sec/2015/q1/283). Further, there is a very...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

January 27, 2015

Many organizations struggle to implement security controls and technology within their enterprises due to a very common management error: failure to use a top-down approach to deploy security solutions. First, what is a ‘top-down’ approach?...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

January 15, 2015

On Tuesday, the White House announced a proposal for new legislation and other efforts around cyber security. I want to focus on the legislation. It has 3 parts: 1) Enabling Cybersecurity Information Sharing 2) Modernizing...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

January 14, 2015

Imperva has been in the business of protecting the high-value applications and data assets at the heart of the enterprise since 2002. In the years since, we’ve gained tremendous knowledge about cyber security and the...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

January 06, 2015

I’m frequently asked, “What is the primary driver for your customers to invest in Data Security”? I mention this, because I watch the news like most everyone else and witness the unusually high interest in...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

December 17, 2014

In my last blog we discussed the huge threat posed by malicious DDoS attacks, in that one could easily keep your customers from reaching your sites, could prevent them from buying from you, and could...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

December 12, 2014

As reported by KrebsOnSecurity, a recently released Treasury Department report details the risks to banks of allowing anonymous Internet connections to financial applications. The report then goes on to recommend that banks should block connections...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

December 10, 2014

If the odds of you getting hit by a car today were 50/50, you’d be pretty worried, right? Well those are roughly the odds of your retail website or microsites being struck by a malicious...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

December 09, 2014

Nothing gets me into the holiday spirit like a nice number crunching exercise. This is especially true after our previous blog, where we looked at last year’s holiday season attacks. To have a better understanding...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)

November 25, 2014

In September, a bug in GNU Bash was publicly exposed in the wild and rained fire on computer systems on premise and in the cloud due to the simple attack vector and the effect on...Read More
Share:
Share on LinkedIn
  • Authors:
  • Permalink
  • Comments (0)