Friday, December 30, 2011

AlgoSec introduces firewall management for virtualized environments

AlgoSec, Tufin and Firemon are the Big 3 for firewalls rules management with a few others (Skybox and Athena to name a couple) starting to catch on. AlgoSec has hired a really good marketing director who will have a noticable impact. Sam Erdheim's work started with this AlgoSec press release supporting virtual environments.

“The dynamic nature of virtualization, especially the rapid provisioning of new applications and desktops across data centers, presents a new set of security challenges for IT organizations,” said Eric Ogren, principal analyst of the Ogren Group. “Firewall rules management software is a critical must-have capability to control access and ensure tight security for companies evolving from physical to virtual environments.”

Friday, December 2, 2011

“The malware, a version of a toolkit available since 2005…”

The story of the RSA attacks, as Qualys recently posted a very detailed study of the Adobe Flash exploit that caused all of the trouble at RSA last spring. It is a very thorough study – right down to a couple of pages of code.

Loved the human angle of a security-conscious person yanking the offending email out of a spam folder so they could open the infected XLS attachment. Good stuff. There will always be cases where people just make a mistake and have a lapse of judgment.

Great observation that some of the new security features found in Windows 7, such as Data Execution Prevention, probably would have thwarted the attack. It goes to show how hard it is for IT to move forward with a new version of an OS. Heck, it is hard even to move forward with a safer version of Flash or to enforce safe browser settings.

We know the half-life of a vulnerability and the difficulty in patching endpoints. Perhaps we should add a Law of Vulnerability for the life expectency of unpatchable software.