With Great IoT Comes Great Insecurity
8/21/2015In the brave new world of 'things' and the services they connect to, built-in security has never been more critical. Here's what's getting in the way.
Post a Comment
Author
Profile of Bil Harmer
Chief Security Officer, GoodData Member Since: 6/5/2015Author
News & Commentary Posts: 1
Comments: 0
William Harmer joined GoodData as CSO in 2014 from SuccessFactors, an SAP company where he served as vice president, security, and cloud privacy officer. He is CISSP, CISM and CIPP certified. At SuccessFactors, he built and ran the company's security, privacy and compliance programs. During Harmer's time at SuccessFactors, the company announced its IPO, completed dozens of customer pen tests as well as multiple audits including SSAE16 SOC1 and SOC2, PCI and Safe Harbor to support expansions into Europe and APAC. He also completed the acquisition by SAP for $3.6B. Prior to SuccessFactors, Harmer managed security and infrastructure for the Ontario Government, Manulife Financial, Critical Path and DocSpace.
Articles by Bil Harmer
In the brave new world of 'things' and the services they connect to, built-in security has never been more critical. Here's what's getting in the way.
Post a Comment
White Papers
Video
0 Comments
Current Issue
Flash Poll
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-7682
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
PUBLISHED: 2018-06-22
From DHS/US-CERT's National Vulnerability Database CVE-2018-7682
PUBLISHED: 2018-06-22
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.
CVE-2018-12689PUBLISHED: 2018-06-22
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel.
CVE-2018-12538PUBLISHED: 2018-06-22
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage...
CVE-2018-12684PUBLISHED: 2018-06-22
Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file.
CVE-2018-12687PUBLISHED: 2018-06-22
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This