COMPUTING | 27 September 2016
Mike Lloyd, CTO at RedSeal, argues that more granular control is a good thing, but it’s easier said than done.
There’s a lot going on in virtual data centres. In security, we’re hearing many variations of the term “micro-segmentation”. (It originated from VMware, but has been adopted by other players, […]
There’s a lot going on in virtual data centers. In security, we’re hearing many variations of the term “micro-segmentation.” (It originated from VMWare, but has been adopted by other players, some of them adding top-spin or over-spin.)
We know what segmentation is. Every enterprise network practices segmentation between outside and inside, at least. Most aim […]
Most people think about network infrastructure about as much as they think about plumbing – which is to say, not at all, until something really unfortunate happens. That’s what puts the “infra” in the infrastructure – we want it out of sight, out of mind, and ideally mostly below ground. We pay more attention to […]
I recently came across a rather nice title for a webinar by A10 Networks’ Kevin Broughton– “Hide & Sneak: Defeat Threat Actors Lurking within your SSL Traffic”. “Hide & Sneak” is a good summary of the current state of the cybersecurity game. Whether our adversaries are state actors or less organized miscreants, they find plenty of ways […]
The latest revelations about firewall vulnerabilities stolen and leaked by the Shadow Brokers are very scary, but not all that new. We learn about the release of a major infrastructure vulnerability about once every six months or so. Organizations that have learned to focus on resilience — knowing their network and how to operate through a […]
Recent press coverage has focused a lot of attention on some long-hidden vulnerabilities in firewalls. Network security teams are scrambling to understand whether they are exposed, and to what extent. These notes show how you can use RedSeal to understand the extent of the problem in your specific network.
Nature of the Issues
The current […]
THE DAILY CALLER | April 22, 2016
One of the National Security Agency’s (NSA) highest ranking officials warned Wednesday of a serious threat posed to the nation’s critical infrastructure from potential cyber threats
by Dr. Mike Lloyd, CTO RedSeal
The recently disclosed back door in Juniper’s ScreenOS software for NetScreen firewalls is an excellent reminder that in security, the first and foremost need is to do the basics well. The details of the vulnerability are complex and interesting (who implanted this, how, and what exactly is involved?), but that is not what […]
Recent headlines tell us that “Feds Say That Banned Researcher [Chris Roberts] Commandeered a Plane.” As always, there is more to the story. In fact, there are claims and counter-claims about what Chris Roberts actually did. The FBI search warrant says he did actually send control commands that impacted the flight path of the aircraft, […]
The watch-word for the SendGrid breach is “interdependence”. In the online world, we may think we’re dealing with one company, but we’re actually dealing with them and with every other company they choose to deal with. This makes an ever-widening attack surface. (The breaking news about the Chinese “Great Cannon” software shows similar patterns.) These days, if […]