Wednesday, December 30, 2009
Wednesday, December 16, 2009
DECAF
Hackers have released Decaf, a tool which hinders the work of Microsoft's 'Computer Online Forensic Evidence Extractor' (COFEE).
DECAF Link
DECAF Link
Tuesday, December 15, 2009
ADOBE SECURITY LINK
No different than the process to monitor frequently the Microsoft Patches and Security Activity, we need to stay on-top of the ADOBE platform as it seems to be a focus for code.
Adobe Security Blog
Adobe Security Blog
Sunday, December 13, 2009
Cisco 2009 Annual Security Report
The Cisco® Annual Security Report provides an overview of the combined security intelligence of the entire Cisco organization. The report encompasses threat information and trends collected between January and December 2009. It also provides a snapshot of the state of security for that period, with special attention paid to key security trends expected for 2010.
CISCO ANNUAL SECURITY REPORT 2009
CISCO ANNUAL SECURITY REPORT 2009
Virtual Desktops Today - Cloud Claims
I have taken a cursory look at the following:
EyeOS
GHOST Cloud
Glide OS 3.0
Another challenging path to secure.
EyeOS
GHOST Cloud
Glide OS 3.0
Another challenging path to secure.
Tuesday, December 8, 2009
Google DNS or OPENDNS....Hmmmm
Sure seems google has caught onto the idea that OPENDNS has had for a few years now and provides additional content filtering via DNS.
Google Public DNS Link here
Google Public DNS Link here
Saturday, December 5, 2009
Cloud Computing - What we really should discuss
I have put many links in recently concerning products, strategies and directional links. I am taking a few minutes to post a few words on information cloud computing. Cloud services are active today whether they are Google, Amazon, or others and carry both business and financial transactional data for consumers. One of the concerns I have remains, the ability to audit and know controls are in place for information protection. Some cloud technologies are putting some interesting architectural decisions in front of security professionals. These decisions are often being posed as "faster", "less cost" and "more efficient" and even " you won't need your firewalls anymore". The basic premise by security practitioners is that we need layered defenses for data, application, network segmentation. The "blur" of these points and traditional security design occured when mobility came forward and third parties were requiring trust within the organizations backend systems. Today, we are rapidly moving towards a mixed architecture where some applications will truly be cloud enabled, yet others will remain traditional security architecture and controlled. I remain somewhat skeptical at cloud based security models and how processes such as vulnerability analysis will occur in the "cloud".
Subscribe to:
Posts (Atom)
