Mobile

What Next-Gen Security Looks Like

100%
0%

Virtualization and Cloud Solutions Architect Bill Kleyman shows how the nightmare of BYOD is giving rise to a new generation of intelligent, highly scalable security products and platforms.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Cultus
50%
50%
Cultus,
User Rank: Apprentice
4/2/2014 | 1:47:43 PM
Security
If you can make it more simple, but more safe it will be a success. This is the direction that we should be thinkings.
Susan Fogarty
50%
50%
Susan Fogarty,
User Rank: Apprentice
12/9/2013 | 8:43:19 PM
Re: Application Firewalls
Bill, that's a great point. One other trend I see gaining a lot of ground is toward securing the data itself, as well as the environement, devices, and apps. Especially now that companies are adopting cloud services and may have less control over their environments, data security becomes even more important.
Bill Kleyman
50%
50%
Bill Kleyman,
User Rank: Apprentice
12/9/2013 | 12:34:01 PM
Re: Application Firewalls
@Marilyn - That's a great question. I'm not sure if it's something we'll see standardized. Instead, it's the new application of security technologies around platforms like cloud, big data and applications.

Even then it's hard to tell. The entire security model is shifting to support a more dispersed and dynamically connected user. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
12/9/2013 | 12:29:38 PM
Re: Application Firewalls
Thanks Bill. That sounds like an ecosystem that will require some greater standardization. Is that happening? 
Bill Kleyman
50%
50%
Bill Kleyman,
User Rank: Apprentice
12/9/2013 | 12:16:29 PM
Re: Application Firewalls
@Marilyn - It's definitely a combination of the two. Applications, APIs, and information all require good security practices. In some cases, security components are built into Apps, APIs and the infrastructure that supports it all. 

On the other hand, having overall environment security is a must as well. This means having intelligent systems which act proactively to mitigate as much threat to your infrastructure as possible. In all honesty this is what the future looks like too. Developers will build in security components into their apps. That will then couple with  infrastructure security solutions to ensure data and application integrity. 
Bill Kleyman
50%
50%
Bill Kleyman,
User Rank: Apprentice
12/9/2013 | 12:10:23 PM
Re: Mobile security
@Susan - Absolutely, NetScaler platforms are just one example. Next-generation security is really making a boom right now around application, data, and cloud security. Solutions from Checkpoint, Palo Alto, and Sourcefire (Cisco) all introduce new ways to secure the logical layer.

Remember, next-generation security is a concept -- not just one singular product. For example, an F5 Big-IP ADC (like the NetScaler) can also have components that fall into the next-generation security definition. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
12/9/2013 | 10:45:53 AM
Application Firewalls
Bill, I'm struck by your mention of application firewalls, which ties in very nicely with a recent column by Jeff Williams, CEO & Co-Founder, Aspect Security and also a founding members of the Open Web Application Security Project (OWASP). Jeff's point was that the industry still has a long way to go with application security within the development environment. Another contributor, Levi Gundert, mentioned behaviour scoring as defensive measure in his column about Zero-Day Drive-By Attacks: Accelerating & Expanding

That's kind of a roundabot way of asking you where you  see the most bang for the back in next generation secruity -- baked into the applicaton itself, in the intellegient platforms and tools that you speak about in your vblog, or a combination of the two.
Susan Fogarty
50%
50%
Susan Fogarty,
User Rank: Apprentice
12/9/2013 | 9:49:44 AM
Mobile security
Bill, great video, I liked seeing the detailed example showing a specific security product and the different functionality it includes. Can you recommend other vendors that offer similar mobile security platforms as well?
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Containing Corporate Data on Mobile Devices
Containing Corporate Data on Mobile Devices
If you’re still focused on securing endpoints, you’ve got your work cut out for you. WiFi network provider iPass surveyed 1,600 mobile workers and found that the average US employee carries three devices -- a smartphone, a computer, and a tablet or e-reader -- with more than 80% of them doing work on personal devices.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2037
Published: 2014-11-26
Openswan 2.6.40 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. NOTE: this vulnerability exists because of an incomplete fix for CVE 2013-6466.

CVE-2014-6609
Published: 2014-11-26
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

CVE-2014-6610
Published: 2014-11-26
Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a denial of service (crash) via an out of call message, which is not properly handled in the ReceiveFax dia...

CVE-2014-7141
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

CVE-2014-7142
Published: 2014-11-26
The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?