Advertise

Mobile

What Next-Gen Security Looks Like

Get Link to this Video

Get HTML to Embed this Video

Virtualization and Cloud Solutions Architect Bill Kleyman shows how the nightmare of BYOD is giving rise to a new generation of intelligent, highly scalable security products and platforms.

Comment |

Email This |

Print |

RSS

//Comments

Newest First | Oldest First | Threaded View

[close this box]

Cultus,
User Rank: Apprentice
4/2/2014 | 1:47:43 PM

Security

If you can make it more simple, but more safe it will be a success. This is the direction that we should be thinkings.

Susan Fogarty,
User Rank: Apprentice
12/9/2013 | 8:43:19 PM

Re: Application Firewalls

Bill, that's a great point. One other trend I see gaining a lot of ground is toward securing the data itself, as well as the environement, devices, and apps. Especially now that companies are adopting cloud services and may have less control over their environments, data security becomes even more important.

Bill Kleyman,
User Rank: Apprentice
12/9/2013 | 12:34:01 PM

Re: Application Firewalls

@Marilyn - That's a great question. I'm not sure if it's something we'll see standardized. Instead, it's the new application of security technologies around platforms like cloud, big data and applications.

Even then it's hard to tell. The entire security model is shifting to support a more dispersed and dynamically connected user.

Marilyn Cohodas,
User Rank: Strategist
12/9/2013 | 12:29:38 PM

Re: Application Firewalls

Thanks Bill. That sounds like an ecosystem that will require some greater standardization. Is that happening?

Bill Kleyman,
User Rank: Apprentice
12/9/2013 | 12:16:29 PM

Re: Application Firewalls

@Marilyn - It's definitely a combination of the two. Applications, APIs, and information all require good security practices. In some cases, security components are built into Apps, APIs and the infrastructure that supports it all.

On the other hand, having overall environment security is a must as well. This means having intelligent systems which act proactively to mitigate as much threat to your infrastructure as possible. In all honesty this is what the future looks like too. Developers will build in security components into their apps. That will then couple with infrastructure security solutions to ensure data and application integrity.

Bill Kleyman,
User Rank: Apprentice
12/9/2013 | 12:10:23 PM

Re: Mobile security

@Susan - Absolutely, NetScaler platforms are just one example. Next-generation security is really making a boom right now around application, data, and cloud security. Solutions from Checkpoint, Palo Alto, and Sourcefire (Cisco) all introduce new ways to secure the logical layer.

Remember, next-generation security is a concept -- not just one singular product. For example, an F5 Big-IP ADC (like the NetScaler) can also have components that fall into the next-generation security definition.

Marilyn Cohodas,
User Rank: Strategist
12/9/2013 | 10:45:53 AM

Application Firewalls

Bill, I'm struck by your mention of application firewalls, which ties in very nicely with a recent column by Jeff Williams, CEO & Co-Founder, Aspect Security and also a founding members of the Open Web Application Security Project (OWASP). Jeff's point was that the industry still has a long way to go with application security within the development environment. Another contributor, Levi Gundert, mentioned behaviour scoring as defensive measure in his column about Zero-Day Drive-By Attacks: Accelerating & Expanding.

That's kind of a roundabot way of asking you where you see the most bang for the back in next generation secruity -- baked into the applicaton itself, in the intellegient platforms and tools that you speak about in your vblog, or a combination of the two.

Susan Fogarty,
User Rank: Apprentice
12/9/2013 | 9:49:44 AM

Mobile security

Bill, great video, I liked seeing the detailed example showing a specific security product and the different functionality it includes. Can you recommend other vendors that offer similar mobile security platforms as well?

Editors' Choice

I Smell a RAT! New Cybersecurity Threats for the Crypto Industry

David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP, 7/9/2021

Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours

Robert Lemos, Contributing Writer, 7/7/2021

It's in the Game (but It Shouldn't Be)

Tal Memran, Cybersecurity Expert, CYE, 7/9/2021

Live Events

Webinars

Black Hat USA - August 5-10 - Learn More

Black Hat Asia - May 9-12 - Learn More

More Informa Tech Live Events

White Papers

Empower Digital Transformation by Protecting Converged IT and OT

Attack Surface Management v2.0 by Brad LaPorte

What Elite Threat Hunters See that Others Miss

The 2022 State of Cloud Security Report

Transform Your Security Strategy

More White Papers

Cartoon

Latest Comment: I've heard of people walking right out the front door with entire servers...

Cartoon Archive

Current Issue

The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Enterprises are Developing Secure Applications

Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.

Download Now!

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2023-1142
PUBLISHED: 2023-03-27

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.

CVE-2023-1143
PUBLISHED: 2023-03-27

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.

CVE-2023-1144
PUBLISHED: 2023-03-27

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.

CVE-2023-1145
PUBLISHED: 2023-03-27

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.

CVE-2023-1655
PUBLISHED: 2023-03-27

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]