Database Security

Authentication

Privacy

Compliance

Identity & Access Management

Security Monitoring

Advanced Threats

Insider Threats

Vulnerability Management

Network Computing Dark Reading

Advertise

About Us

Author

Profile of Jackson Shaw

VP of Product Management, One Identity

Member Since: 6/8/2016
Author
News & Commentary Posts: 4
Comments: 2

Jackson Shaw is vice president of product management for One Identity, the identity & access management (IAM) business of Quest Software. Prior to Quest, Jackson was an integral member of Microsoft's IAM product management team within the Windows server marketing group at Microsoft. While at Microsoft he was responsible for product planning and marketing around Microsoft's IAM products including Active Directory and Microsoft Identity Manager. Jackson began his identity management career as an early employee at Toronto-based Zoomit Corp., the pioneer in the development of meta-directory products which Microsoft acquired in 1999. Jackson has been involved in directory, meta-directory and security initiatives and products since 1988. He studied computer science and management information systems at the University of Ottawa. He is a long-time member of the Association for Computing Machinery.

Articles by Jackson Shaw

View Content By Month

After the Breach: Tracing the 'Smoking Gun'

11/5/2018
Systems, technology, and threats change, and your response plan should, too. Here are three steps to turn your post-breach assessment into a set of workable best practices.
Post a Comment

Leveraging Security to Enable Your Business

2/23/2018
When done right, security doesn't have to be the barrier to employee productivity that many have come to expect. Here's how.
Post a Comment

Why Relaxing Our Password Policies Might Actually Bolster User Safety

9/11/2017
Recent guidance from NIST may seem counterintuitive.
Post a Comment

Self-Service Password Reset & Social Engineering: A Match Made In Hell

6/13/2016
A sad tale of how hackers compromised a CEO’s corporate account by trolling Facebook and LInkedin for answers to six common authentication questions. (And how to avoid that happening to you)
Post a Comment

Hot Topics

Editors' Choice

Microsoft President: Governments Must Cooperate on Cybersecurity

Kelly Sheridan, Staff Editor, Dark Reading, 11/8/2018

5 Reasons Why Threat Intelligence Doesn't Work

Jonathan Zhang, CEO/Founder of WhoisXML API and TIP, 11/7/2018

Why Password Management and Security Strategies Fall Short

Steve Zurier, Freelance Writer, 11/7/2018

Live Events

Webinars

More UBM Tech
Live Events

Enterprise Connect 2019 - Build Your Comms & Collaboration Future

Communications & Collaboration 2022 at EC19 Orlando March 18-21

White Papers

2018 Cyberthreat Defense Report

What is the Main Obstacle to Security?

Shutting Down Banking Trojans

The IT Pro's Guide to DIY Antivirus Testing

Taking Control of Vendor Risk: A 6-Step Approach

More White Papers

Video

All Videos

Cartoon

Latest Comment: You know, at first glance, I liked the idea of wearable tech.. Never through it would be a security risk.

Cartoon Archive

Current Issue

10 Emerging Threats Every Enterprise Should Know About

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Online Malware and Threats: A Profile of Today's Security Posture

This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!

Download Now!

The Risk Management Struggle

0 comments

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-16470
PUBLISHED: 2018-11-13

There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.

CVE-2018-16471
PUBLISHED: 2018-11-13

There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to a...

CVE-2018-6980
PUBLISHED: 2018-11-13

VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method. Successful exploitation of this issue may allow Admin users with view only permission to perform certain administrative functions which they...

CVE-2018-17614
PUBLISHED: 2018-11-13

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Losant Arduino MQTT Client prior to V2.7. User interaction is not required to exploit this vulnerability. The specific flaw exists within the parsing of MQTT PUBLISH packets. The issue results from th...

CVE-2018-8009
PUBLISHED: 2018-11-13

Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]