Time to Transfer Risk: Why Security Complexity & VPNs Are No Longer Sustainable

Now, there are many reasons to isolate your infrastructure from the Internet. Minimizing the number of exposed things not only reduces risk, it also reduces operational complexity. VPNs are counter to this. VPNs make it so you aren’t exposing all of your applications publicly in a DMZ, which is good. But for the most part, they still provide access to the corporate network to get access to corporate apps. Definitely bad. At this point, I think we all agree that moats and castles belong in the past.

Detecting and Mitigating HTTPS Floods…Without Decryption Keys

What is an HTTPS flood attack? Why is everybody talking about it these days? And is it really such a big threat? HTTPS flood attack is a generic name for DDoS attacks that exploit SSL/TLS protocols over HTTP communications. Lately, we’ve been he…

Application News – Application Security Weekly #70

SupPy Chain Malware – Detecting malware in package manager repositories, Attacking SSL VPN, Solving Digital Transformation Cybersecurity Concerns With DevSecOps, How I Could Have Hacked Any Instagram Account, Tracking Anonymized Bluetooth Dev…

PolarProxy Released

I’m very proud to announce the release of PolarProxy today! PolarProxy is a transparent TLS proxy that decrypts and re-encrypts TLS traffic while also generating a PCAP file containing the decrypted traffic. PolarProxy enables you to do lots of things …

Who’s Responsible for a Cloud Breach? It Depends

The Cloud Security Alliance (CSA) released a survey earlier this year that focuses on who should take responsibility for breaches in the cloud. It’s a good question. The advent of hybrid IT, among other things, has done much to destroy our traditional…

Why Hybrid Always-On Protection Is Your Best Bet

Users today want more. The ubiquity and convenience of online competition means that customers want everything better, faster, and cheaper. One key component of the user experience is service availability. Customers expect applications and online serv…

How to (Securely) Share Certificates with Your Cloud Security Provider

Businesses today know they must handle sensitive data with extra care. But evolving cyber threats combined with regulatory demands can lead executives to hold their proverbial security cards close to their chest. For example, they may be reluctant to …

PayPal’s Beautiful Demonstration of Extended Validation FUD

Sometimes the discussion around extended validation certificates (EV) feels a little like flogging a dead horse. In fact, it was only September that I proposed EV certificates are already dead for all sorts of good reasons that have only been reinforced since that time. Yet somehow, the discussion does seem