Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.


Plugging Into Your Remediation Process

My team and I have spoken with a number of analysts and have confirmed that the plethora of vulnerability assessment solutions on the market share a common trait and a common flaw, the shear volume of reports that can be created based on a vulnerability assessment. Every scan can lead to a myriad of hosts…

Post by Morey Haber June 21, 2011
Intentional Harm

Reasons Why You Should Give a DAM: Part 1

The lack of control of privileged database credentials continues to expose corporations to significant risk associated with insecurity and inaccuracy of the key data assets that drive business activities, decisions, and value. I’ve previously covered the six questions you should ask yourself if you should give a DAM, so now it’s time to look a little deeper at the implications.

Post by Peter McCalister June 21, 2011

Sensitive Data Security – Our Pledge to Your Customers

In the wake of the recent attack on the Sony PlayStation Network and the resulting massive data breach, consumers are more than a little concerned about the security of the sensitive information that they provide companies. For the most part, many of them know very little about the online security measures in place at companies with whom they do business. And until recently, they probably didn’t care.

Post by Peter McCalister June 20, 2011

Macs Need Least Privilege Too

Turns out that Macs aren’t as virus and hacker proof as originally perceived. Just check out a recent posting on to read all the details. In this blog post it appears that a new malware threat is appearing when users perform Google searches. I’ve actually seen this malware pop up on a Mac recently,…

Post by Peter McCalister June 17, 2011

Cloud Vendors Need Least Privilege For Better Security

If you want to use the cloud and need to do it in a secure and compliant way you’re going to need to think about who’s responsible for what. As numerous studies and articles have highlighted, most cloud vendors today don’t provide a platform that’s fully up to enterprise security standards.

Post by Peter McCalister June 16, 2011
psst wanna buy-resized-600.gif

Pssst – Hey Buddy, Wanna Buy Some Data?

The economy of cyber crime is all too real – and too enticing. No longer sequestered to dark alleys and seedy bars, data thieves have almost unlimited options to market their ill-gotten wares to potential buyers. What this means to employers and organizations: The temptation to access and ‘appropriate’ sensitive data may be too great for some to resist.

Post by Peter McCalister June 15, 2011

What Do You Think About eEye’s Zero-Day Tracker?

What Do You Think About eEye’s Zero-Day Tracker (

Post by The eEye Research Team June 15, 2011

Microsoft Patch Tuesday – June 2011

Another even month, another huge security bulletin release by Microsoft. Those who took my advice and convinced their bosses to let them take vacation this month avoided 16 security bulletins – hopefully your co-workers will have them fully tested and deployed before you return. For those of us not sitting on a beach somewhere, there…

Post by Chris Silva June 14, 2011

The University of Winchester Selects PowerBroker Desktops

The University of Winchester is an educational institution in the United Kingdom with a strong heritage and innovatice teaching model. Their 5,900+ students enjoy educational challenges in 17 different departments at the hands of over 650 staff members.

Post by Peter McCalister June 14, 2011

Unified Vulnerability Management for Financial Organizations

If you are in the financial sector, how are you protecting your financial systems from tampering? If you are the CEO or CFO you must ensure that you financial reports are accurate, delivered in a timely fashion, and do not contain any information that was tampered with. This requires securing critical information technology systems that…

Post by Morey Haber June 14, 2011