Category Archives: Interviews

Contrarisk Security Podcast #0035: Security guarantees

» Listen or download now on the podcasts page » Security products and services never seem to come with guarantees. You have to take it on trust that they will do the job they claim to do. And if not? Well, try the next one. WhiteHat Security is following the example of vendors in other business areas and offering a guarantee… Read more »

Contrarisk Security Podcast #0034: Web application vulnerabilities

» Listen or download now on the podcasts page » When it comes to web applications, Sasha Zivojinovic of Context Information Security believes we may have too much of a good thing. Web application frameworks (WAFs) have matured, providing a fast way to develop and deploy sophisticated sites. It’s hard to imagine life without them. WAFs relieve developers of much… Read more »

Contrarisk Security Podcast #0032: Smart buildings

» Listen or download on the podcasts page » The Internet of Things is truly upon us and all manner of devices are being Internet-enabled. Among these developments is the appearance of the so-called ‘smart building’, with web-based interfaces being used to control heating, lighting, safety and security systems and more. Adding Internet interfaces allows for remote management and reporting, and… Read more »

Contrarisk Security Podcast #0031: smarter alerts

» Listen or download now on the podcasts page » Attacks keep coming, and the number of data breach stories we read in the media shows how often they are successful. We have to assume that any organisation of a reasonable size has monitoring and defence systems in place, so what’s going wrong? Of course, organisations invariably claim that the attack… Read more »

Contrarisk Security Podcast #0028: The mobile menace

» Listen or download now on the podcasts page » Judging by the warnings issued by security vendors, you’d be forgiven for thinking that there’s a malware epidemic on the Android platform. The truth, according to Sean Newman, security evangelist at Sourcefire (now part of Cisco), is somewhat more nuanced. In this interview he explains how the number of published vulnerabilities… Read more »

Contrarisk Security Podcast #0027: Masking sensitive data

» Listen or download now on the podcast page » There’s lots of talk about putting security close to the data. One way of doing this is data masking, which obscures or modifies data as it is used according to a set of rules. In this interview, Amit Walia of Informatica explains how data masking means that people see only the data… Read more »

Contrarisk Security Podcast #0025: software vulnerabilities and change management

» Listen or download now on the podcast page » Software vulnerabilities: Software flaws are at the root of many security exploits, and year after year we see the same old issues topping the OWASP top-ten, such as SQL injection and cross-site scripting (XSS). Are these really such hard problems to tackle? Or is the message just not getting through to… Read more »

ContraRisk Security Podcast 0024: A return on your security investment

» Listen or download now on the podcasts page » Can we really talk about a Return On Investment (ROI) with information security? Most people view security as a kind of insurance policy – you pay out, year after year, and if you do it right, you never have to claim. So there’s always a temptation to cut costs – which only… Read more »

Contrarisk Security Podcast 0023: M2M and malware detection

» Listen or download now on the podcasts page » Machine-to-Machine (M2M) is a domain that includes industrial systems, telemetry, Scada and so on. And while Scada has increasingly become a focus of security concerns, this has tended to concentrate on the control systems themselves, rather than the entire chain from sensor to control room. In this episode, we talk to… Read more »

ContraRisk Security Podcast 0022: Security visibility and protecting data

» Listen or download now on the podcasts page » This is the time of year when security vendors make lots of predictions about what the year ahead holds for information security. Most of the predictions are stunningly obvious and trivial, but one was intriguing. Corey Nachreiner, director of security strategy at WatchGuard, reckons 2014 will be the year of security visibility. But… Read more »