Post Tagged with: "database"

Are Data Lakes A Key To Securing IoT Environments? | Tripwire Blog

January 2, 2015 12:460 comments
Are Data Lakes A Key To Securing IoT Environments? | Tripwire Blog

Mitch Thomas over at the security firm Tripwire has a good post on “architecting the security of things” that’s worth checking out. As an incumbent security vendor, Tripwire faces the same challenges and problems as other vendors who came of age securing traditional endpoints and enterprise IT environments. Among them: adapting to a nearly limitless population of new endpoints – many of them small, resource constrained embedded systems.  As we’ve noted before: many of these systems aren’t capable of the kinds of interrogations (vulnerability- and malware scans just two examples) that many security tools take for granted. Like this:Like Loading…

Read more ›

Wanna-Breach: Counterfeit Data Breaches Are A Thing

October 29, 2014 12:05Comments Off
Data breaches are a big enough issue that companies must now contend with counterfeit breaches intended to inflict economic or reputation damage. (Image courtesy of Christian Science Monitor.)

Headline grabbing data breaches are such a fixture of our modern business environment that they’ve even spawned a knock-off market: phony data breaches designed to harm a company’s image by making it look as if the firm has lost control of critical data. That’s the conclusion of a research note from Deloitte, which warns that malicious actors are increasingly using false claims about massive data breaches to bedevil established firms – inflicting real economic and reputation damage. Like this:Like Loading…

Read more ›

With $42m Invested, vArmour uncloaks with Software Defined Security

September 17, 2014 11:27Comments Off
vArmour said its product is the first designed specifically to spot malicious activity within virtual data centers and stop so-called 'lateral movement' by malicious actors.

In the old days, startups would pull together funding from a small group of early “angel” investors and rush to get a product – any product- to market as soon as possible. The idea was to prove viability in the hopes of attracting larger investments that would let you actually develop the product you really want to sell. But that doesn’t work well for companies that want to solve really hard problem. Such projects, justifiably, need a longer runway that isn’t suited to vaporware or rapid product iteration. vArmour Networks, a Mountain View-based startup that emerged from “stealth” mode yesterday, is a good example of that latter kind of start-up. The company has already raised $42 million in three rounds, dating back to January, 2013. It is offering technology to tackle a vexing product: how to secure the information flowing within and between the growing ranks of virtual data centers. With […]

Read more ›

Update: Facebook awards $50K Internet Defense Prize for Work on Securing Web Apps

August 21, 2014 12:32Comments Off
A vulnerability that could leave Facebook accounts vulnerable to hijacking is widespread and still dangerous, despite reports that it was "patched" last week.

Saying that research dollars for cyber security are disproportionately devoted to work on “offensive” techniques (like hacking), social media giant Facebook has awarded two researchers  a $50,000 prize for their work on cyber defense. The company announced on Wednesday that Johannes Dahse and Thorsten Holz, both of Ruhr-Universität Bochum in Germany for their work on a method for making software less prone to being hacked. The two developed a method for detecting so-called “second-order” vulnerabilities in Web applications using automated static code analysis. Their paper (PDF here) was presented at the 23rd USENIX Security Symposium in San Diego. In a blog post announcing the prize, John Flyn, a security engineering manager at Facebook, said the Internet Defense Prize recognizes “superior quality research that combines a working prototype with significant contributions to the security of the Internet—particularly in the areas of protection and defense.” Dahse and Holz’s work was chosen by a panel […]

Read more ›

Is HyperCat An IoT Silo Buster? | ZDNet

June 30, 2014 11:14Comments Off
Is HyperCat An IoT Silo Buster? | ZDNet

Steve Ranger over at ZDNet has an interesting write-up on HyperCat, a UK-funded data sharing open specification for Internet of Things devices. The new specifications has the backing (or at least interest) of major players and could become an alternative to proprietary standards such as Apple’s HomeKit or Google Nest. HyperCat is described as an “open, lightweight, JSON-based hypermedia catalogue” that is designed to “expose information about IoT assets over the web.” The goal is to provide a set of open APIs and data formats that startups and other smaller firms can use to built ecosystems of connected objects. Smart devices are typically developed using common technologies and platforms: RESTful APIs, JSON (Javascript Object Notation) for data formatting and HTTP (or secure HTTP) as the main communications protocol. However, the Internet of Things is badly “silo’d” – meaning that interoperability between IoT devices happens only when those smart devices happen to use the […]

Read more ›
%d bloggers like this: