Security Tech: It’s Not What You Buy, It’s How You Deploy
12/21/2015Good information security depends on a holistic strategy, not on an elite lineup of discretely moving parts.
Post a Comment
Author
Profile of Simon Gibson
Fellow Security Architect, Gigamon News & Commentary Posts: 1Simon Gibson is a Fellow Security Architect at Gigamon. He provides direction and roadmaps for the product that secures applications that secure the Internet.
Simon has been working on Internet infrastructure for nearly 20 years from small ISP's, to developing streaming media technology at AOL/Time Warner and working on hardware accelerated appliances with Extreme Networks for WinAmp/Shoutcast. Simon was a systems architect at Verisign
Prior to Gigamon, Simon led the Information Security Group at Bloomberg LP in New York and was their CISO from 2008 to 2013.
Articles by Simon Gibson
Good information security depends on a holistic strategy, not on an elite lineup of discretely moving parts.
Post a Comment
White Papers
Video
3 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I want to tell an NSA joke but I feel like they've heard them all before.
Latest Comment: I want to tell an NSA joke but I feel like they've heard them all before.
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17948
PUBLISHED: 2018-11-20
PUBLISHED: 2018-11-20
PUBLISHED: 2018-11-20
PUBLISHED: 2018-11-20
PUBLISHED: 2018-11-20
From DHS/US-CERT's National Vulnerability Database CVE-2018-17948
PUBLISHED: 2018-11-20
An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3.
CVE-2018-1779PUBLISHED: 2018-11-20
IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated attacker to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802.
CVE-2018-19367PUBLISHED: 2018-11-20
Portainer through 1.19.2 provides an API endpoint (/api/users/admin/check) to verify that the admin user is already created. This API endpoint will return 404 if admin was not created and 204 if it was already created. Attackers can set an admin password in the 404 case.
CVE-2018-19335PUBLISHED: 2018-11-20
Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.
CVE-2018-19334PUBLISHED: 2018-11-20
Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information about the content of bug reports.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This