Application Security — Features

Does DevOps hurt or help security?

There is a firmly held concern in security circles that the automation associated with DevOps moves too swiftly, that security teams and their tests can't keep up, that too many of the metrics measured focus on production, availability, and compliance checkboxes, and as a result, security falls by the wayside.

George V. Hulme | 01 May

5 open source security projects to watch

Data security is always top of mind for CIOs and CSOs, and there is no shortage of challenges when it comes to picking the right tool for the job. With network and software vulnerabilities growing at a perpetual rate, good security software can help defend against many of the large-scale threats that occur locally and from all over the Internet. In this edition of 5 open source things to watch, we take a look at security products that will guard against threats without robbing your kitty.

Rodney Gedda | 20 Jan

5 'Great' Open-source Desktop Security Applications

Contributions from free and open software makers can be found throughout the tech world. From your datacenter to the desktop and everywhere in between, there's an open solution to your computing needs. This is no less true in information security. My focus in this article is the several outstanding information security desktop tools that personify the innovation and ingenuity of the FOSS (Free and Open Source Software) world. Please keep in mind that all of these applications (except one) are cross-platform so you can find appropriate versions on whatever you run (BSD, Mac OSX, Linux or Windows). The examples herein, however, will be catered to the largest install base (statistically): Microsoft Windows.

Joseph Guarino | 01 Apr

Cloud Security: Ten Questions to Ask Before You Jump In

The hype around cloud computing would make you think mass adoption will happen tomorrow. But recent studies by a number of sources have shown that security is the biggest barrier to cloud adoption. The reality is cloud computing is simply another step in technology evolution following the path of mainframe, client-server and Web applications, all of which had -- and still have -- their own security issues.

Tim Brown | 28 Jan

Why traditional security doesn't work for SOA

Many organizations are embracing SOA as a way to increase application flexibility, make integration more manageable, lower development costs, and better align technology systems to business processes. The appeal of SOA is that it divides an organization's IT infrastructure into services, each of which implements a business process consumable by users and services.

Chris Clark | 19 Jan

Facebook Tips: Staying Safe While Using Games and Apps

If you're one of the 63.7 million people playing the popular Farmville game on Facebook, you've probably noticed a change in how you earn points. FarmVille's parent company, Zynga, agreed last week to remove deceiving mobile subscriptions and "scammy" offers that lure players to register for services in exchange for game currency, which helps players to advance in the game.

Kristin Burnham | 13 Nov

Careless downloading makes BlackBerry users spy targets

iPhone lovers and other smartphone users should take heed: A security researcher showed ways to spy on a BlackBerry user during a presentation Wednesday, including listening to phone conversations, stealing contact lists, reading text messages, taking and viewing photos and figuring out the handset's location via GPS.

Dan Nystedt | 08 Oct

Cloud security: time to smoke another one?

Chris Hoff, one of the most respected voices on the topic of virtualization and cloud security, once told me in an interview that people should shut up about securing the cloud because, in his opinion, there's no such thing as cloud security.

Bill Brenner | 01 Sep

Is your PC bot-infested? Here's how to tell

As fireworks boomed on the Fourth of July, thousands of compromised computers attacked U.S. government Web sites. A botnet of more than 200,000 computers, infected with a strain of 2004's MyDoom virus, attempted to deny legitimate access to sites such as those of the Federal Trade Commission and the White House. The assault was a bold reminder that botnets continue to be a massive problem.

Robert Vamosi | 25 Aug

Survey: Facebook, Twitter banned by most employers

Employers are increasingly putting the brakes on employee use of social networking sites on the job, according to a new survey. The research, released Wednesday by ScanSafe, a provider of SaaS Web security, said its data shows more employers are blocking sites such as Facebook and Twitter. The results run counter to a story published by CSO in March 2009 that cites research which found most employers do allow access to Web 2.0 in the office.

Joan Goodchild | 20 Aug

SOA security: good enough and getting better

Security is not a reason to stay away from SOA. Although full SOA security maturity is yet to come, 30 percent of organizations now use SOA for external integration with customers and partners. For standard Web services using SOAP, WS-Security has achieved critical mass as a foundational standard. On the other hand, advanced SOA security - involving federation among partners, nonrepudiation, and propagation of user identities across multiple layers of service implementations - is in its early days.

Randy Heffner | 20 Aug