Blog

Webcast on Thursday: Pragmatic Database Compliance and Security

By Rich
Auditors got you down? Struggling to manage all those pesky database-related compliance issues? Thursday I’m presenting a webcast on Pragmatic Database Compliance and Security. It builds off the base of Pragmatic Database Security, but is more focused on compliance, with top tips for your favorite regulations. It is sponsored by Oracle, and you can sign up here. We’ll cover most of the major database security domains, and I’ll show specifically how to apply them to major regulations (PCI, HIPAA, SOX, and privacy regs). If you are a DBA or security professional with database responsibilities, there’s some

RSAC 2010 Guide: Endpoint Security

By Mike Rothman
The fun is just beginning. We continue our trip through the Securosis Guide to the RSA Conference 2010 by discussing what we expect to see relative to Endpoint Security. Endpoint Security Anti-virus came onto the scene in the early 90’s to combat viruses proliferated mostly by sneakernet. You remember sneakernet, don’t you? Over the past two decades, protecting the endpoint has become pretty big business, but we need to question the effectiveness of traditional anti-virus and other endpoint defenses, given the variety of ways to defeat those security controls. This year we expect many of the endpoint vendors to start

Incite 2/23/10: Flexibility

By Mike Rothman
It is said that unhappiness results from either not getting what you want, or getting what you don’t want. I’m pretty sure strep throat qualifies as something you don’t want, and it certainly is causing some unhappiness in Chez Rothman. Yesterday, I picked up 4 different antibiotics for everyone in the house except me, which must qualify me for some kind of award at the Publix pharmacy. I like to think of myself as a reasonably flexible person who can go with the flow – but in reality, not so much. I don’t necessarily have a set schedule,

RSAC 2010 Guide: Application Security

By Adrian Lane
Continuing our postings from the Securosis Guide to the RSA Conference 2010, we turn our attention to application security. Application Security Application Security is a nascent market, but data from several recent data breach reports and OWASP studies have disproven the myth of the “Insider Threat”. The primary cause of breaches is poorly executed applications – specifically web applications that rely on complex multi-layered infrastructure. While there is no agreement on which methods and technologies are ‘best’ for securing applications, application developers show growing interest in learning about the available options. What We Expect to See A Focus on Web Application Development

RSAC 2010 Guide: Data Security

By Rich
Over the next 3 days, we’ll be posting the content from the Securosis Guide to the RSA Conference 2010. We broke the market into 8 different topics: Network Security, Data Security, Application Security, Endpoint Security, Content (Web & Email) Security, Cloud and Virtualization Security, Security Management, and Compliance. For each section, we provide a little history and what we expect to see at the show. Next up is Data Security. Data Security Although technically nearly all of Information Security is directed at protecting corporate data and content, in practice our industry has historically focused on network and endpoint security. At Securosis we

RSVP for the Securosis and Threatpost Disaster Recovery Breakfast

By Rich
We quite enjoy all the free evening booze at the RSA conference, but most days what we’d really like is just a nice, quiet breakfast. Seriously, what’s with throwing massive parties for people to network, then blasting the music so loud that all we can do is stand around and stare at the mostly-all-dude crowd? In response, last year we started up the Disaster Recovery Breakfast, and it went over pretty well. It’s a nice quiet breakfast with plenty of food, coffee, recovery items (aspirin & Tums), and even the hair of the dog for those of

RSAC 2010 Guide: Network Security

By Mike Rothman
Over the next 3 days, we’ll be posting the content from the Securosis Guide to the RSA Conference 2010. We broke the market into 8 different topics: Network Security, Data Security, Application Security, Endpoint Security, Content (Web & Email) Security, Cloud and Virtualization Security, Security Management, and Compliance. For each section, we provide a little history and what we expect to see at the show. First up is Network Security. Network Security Since we’ve been connecting to the Internet people have been focused on network security, so the sector has gotten reasonably mature. As a result, there has been a distinct

Introducing SecurosisTV: RSAC Preview

By Mike Rothman
I know what you are thinking. “Oh god, they should stick to podcasting.” You’re probably right about that – it’s no secret that Rich and I have faces made for radio. But since we hang around with Adrian, we figured maybe he’d be enough of a distraction to not focus on us. You didn’t think we keep Adrian around for his brains, do you? Joking aside, video is a key delivery mechanism for Securosis content moving forward. We’ve established our own SecurosisTV channel on blip.tv, and we’ll be posting short form research on all

RSAC 2010 Guide: Top Three Themes

By Mike Rothman
As most of the industry gets ramped up for the festivities of the 2010 RSA Conference next week in San Francisco, your friends at Securosis have decided to make things a bit easier for you. We’re putting the final touches on our first Securosis Guide to the RSA Conference. As usual, we’ll preview the content on the blog and have the piece packaged in its entirety as a paper you can carry around at the conference. We’ll post the entire PDF tomorrow, and through the rest of this week we’ll be highlighting content from the guide. To

FireStarter: IT-GRC: The Paris Hilton of Unicorns

By Rich
Like any analyst, I spend a lot of time on vendor briefings and meeting with very early-stage startups. Sometimes it’s an established vendor pushing a new product or widget, and other times it’s a stealth idea I’m evaluating for one of our investor clients. Usually I can tell within a few minutes if the idea has a chance, assuming the person on the other side is capable of articulating what they actually do (an all too common problem). In 2007 I posted on the primary technique I use to predict security markets, and as we approach RSA I’
Page 211 of 320 pages ‹ First  < 209 210 211 212 213 >  Last ›