Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.


Is Your Organization Prepared Against Advanced Persistent Threats?

An advanced persistent threat (APT) is an attack by which an unauthorized person gains access to the network and stays there undetected for a long period of time. The intent of an advanced persistent threat is often to steal data than to damage the network. Sectors with high-value information, such as defense, manufacturing, financial, telecom…

Post by Peter McCalister May 9, 2012

Well-Intentioned Employees Can Make Poor Judgment Calls

In 2007, Google’s Street View project began to collect “payload data” including e-mail addresses, text messages, and passwords from unsecured Wi-Fi networks of potentially hundreds of millions of people. More than a dozen countries began investigations of Street View in 2010 and in the United States, the Justice Department, the Federal Trade Commission, state attorney…

Post by Peter McCalister May 8, 2012

Our Newest Release – Retina CS 3.1

Our product team has just put the finishing touches on the newest release of Retina CS, our award-winning Threat Management Console. Version 3.1 expands our market leadership in innovation for helping IT secure the technologies being widely deployed today. As it has been since halfway through 2011, Retina CS remains the only unified vulnerability and…

Post by Mike Puterbaugh May 7, 2012

Data Lost: Covering Your Assets

According to a recent CDW poll, one in four organizations experienced data loss in the past two years. Imagine the amount of customer, student, employee and patient information lost because of those incidents, never mind the ones that go unreported. Aligning with this shocking stat is that according to the same study, the number of…

Post by Peter McCalister May 4, 2012

NBC Chicago Interviews Marc Maiffret on Email Security

Recently, Marc Maiffret was interviewed on NBC Chicago about the security risks involved when unsubscribing from emails and how to best avoid being compromised by email spam (it does make up 80% of all email traffic in the United States, after all). Below is that interview and an excerpt from the article. Read the entire…

Post by Sarah Lieber May 1, 2012
, , , , , ,

Manage Privileged Access for UNIX/Linux with Microsoft Active Directory

In my discussions with IT teams, I am continually reminded that managing access to UNIX and Linux systems and doing so in a least cost manner is important for IT. IT must do more with less. There is a constant need to drive down the costs of operations and deliver more to the business. Failure…

Post by Peter McCalister April 27, 2012

Breaches, Breaches Everywhere, It Seems that Insiders Just Don’t Care!

Let’s take a look at a few of the breaches being reported this week alone – all at the hand of insiders. The Utah Department of Health reported that about 780,000 claims had been accessed by a hacker. Then they added that 280,000 people’s social security numbers were stolen and 500,000 people had less-sensitive personal…

Post by Peter McCalister April 24, 2012

Call it Genius. Our Smart Groups Make Vulnerability Management Simple for Security Teams

eEye R&D has been hard at work on optimizing how our enterprise clients can manage and schedule assessments within Retina CS. These efforts will increase the efficiency of how our clients perform assessments across their IT infrastructure – be it their traditional server or desktop assets, or new technologies like mobile, virtual and cloud.

Post by Morey Haber April 20, 2012
, , , , , ,

The Key to Controlling Privileged User Activity? Centralize!

Those of you who follow my blogs know that sudo – and the issues it presents IT organizations – is one of my favorite discussion topics. I suppose that’s because there is no shortage of stories that surface on a regular basis on the problems that can arise with sudo, and I feel compelled to…

Post by Peter McCalister April 18, 2012

Insider Threats: What Can Be Done?

IT security tends to focus on securing the network from external attacks, but little attention is given to malicious activity and human error within the company. According to InformationWeek’s 2012 Strategic Survey, company employees pose just as much of a threat as cyber thieves. How can this be addressed? A recent article by Dark Reading…

Post by Peter McCalister April 17, 2012