187 posts categorized "other security companies"

February 13, 2012

Wombat Continues To Make Learning About Security Fun

wombatI last wrote about Wombat a few months back.They are a company that was spun out of Carnegie-Mellon University and based on some work done under a US Government grant. Based on game theory, they had developed some really fun games that would teach people the do and don’ts of phishing. Now they have expanded beyond phishing to cover other areas of security. The games have also matured and are more contagious then ever.

After seeing Wombat’s phishing Phil and Phyllis last time I checked in with them, I introduced my 12 year old son Landon to them. He did a science project based on phishing and educating his classmates (and their parents) about phishing and wound  up with a 3rd place county wide finish in his project.

I spoke to Joe Ferrara, CEO of Wombat about their new offerings. Moving beyond phishing the team now has training on smart phone use, social media and creating strong passwords and password security.  Of course they still have phishing and email security as well.  Also Joe and his expanded team have moved beyond some of the cartoon figures in phishing Phil to a bit more sophisticated look and feel.  You can sign up for free demos of the products on their web site.

Best of all for Joe and Wombat, the market is warming up to their" “making security training fun” approach. They recently announced that food giant Del Monte had chose Wombat for their security training program for employees. Joe is growing the team pretty quickly at Wombat. Between ramping up the sales team, as well as adding new modules and areas of training, Wombat is hopping right now.

It is good to see a security start up doing so well. Will keep watch on Wombat’s progress, but if you are in need of security training for your organization, you should give them a look.

Posted at 08:37 AM in education, General Security, other security companies, security tips, the security industry | | TrackBack (0)

September 23, 2011

Fixmo for Mobile Security

I just wanted to give a shout out to a new mobile security company I became aware of called Fixmo. Fixmo has several solutions around mobile security including some powered by technology acquired via a technology transfer agreement with the NSA.

As part of their relationship with the US Government, Fixmo offers mobile security solutions for free to government agencies.  Part of this is the Fixmo SafeZone. Fixmo SafeZone empowers the secure use of personal devices on a government networks by establishing a “secure container” on these devices. The organization controls the data and applications within the SafeZone, while employees control all their personal data and applications outside of this zone. This product was developed as a result of Fixmo’s CRADA with the NSA.

I am digging in trying to find out more about Fixmo, but for those who say innovation is not happening in security and that mobile needs to be more secure. Here is a new company that may be worth looking into!

Posted at 02:41 PM in other security companies, the security industry | | TrackBack (0)

September 14, 2011

Alert Logic CAPP Service

As I have written before I do some writing and consulting for several companies. One of them is Alert Logic, who offer a great line up of cloud-based, Security-as-a-Service solutions. 

Today Alert Logic announced their new CAPP program which allows most any security vendor to leverage the AL cloud based platform, turning their security solution into a cloud based managed security service. 

I wrote about over on SecureCloudReview.com, but wanted to mention it on here as well. Here is the article from over on SCR:

Today Alert Logic announced a significant new program that they are calling CAPP (Cloud Acceleration Partner Program). CAPP allows just about any security solution to plug into the Alert Logic Security-as-a-Service, cloud based architecture and become a cloud-based managed service.

This should be a huge development in the security marketplace.  Using the rich APIs developed for the CAPP program, security vendors seeking to integrate into the Alert Logic Security-as-a-Service offering can allow the cloud based platform to “ingest, correlate and analyze security data from individual security tools”.

The first CAPP partner announced for the program is Rapid7, the company behind the Nexpose VM solution and the Metasploit pen testing suite (Rapid7 is also hosting an exciting new conference called UNITED next week). Utilizing the CAPP API’s Alert Logic and Rapid7 now offer ASV PCI scanning as a service.  Other partners should be announced soon.

The CAPP program means that security solution providers don’t have to invest in developing a cloud-based delivery and management solution. They can concentrate on making their own solutions better, yet still enjoy a managed, cloud based option.

From the Alert Logic point of view it allows them to build on their strengths. They have invested millions of dollars and years of time developing their cloud-based Security-as-a-Service platform.  Now in addition to the solutions they already offered via this platform, a new wide range of solutions will be available as well.

It should be very interesting to see what new solutions come via the cloud as a result of CAPP.  It is certainly a program and technology whose time has come.

Related articles
Enhanced by Zemanta

Posted at 11:43 AM in cloud, Current Affairs, other security companies, outsourcing security, the security industry | | TrackBack (0)

July 01, 2011

Marketing 2007 Security in 2011 or LCD Security Marketing

I was reading an interview with an executive from a nameless security vendor the other day and the point he was making was that their security products are necessary because “hacking is now a for profit enterprise”. How absolutely 2007.

Most of the examples of hacking incidents he brought up were attributed to LulzSec or Anonymous. Those are not examples of “for profit enterprises”. They were exactly the malicious and “to show we can” type of attacks that he said disappeared 15 years ago. Not to mention that while cyber-war, cyber-terror and cyber-espionage all have a “profit” in mind, it is not exactly the same “for profit" as the Albert Gonzalez gang stealing credit card data.

In fact recent attacks if anything show that we may in fact be entering a new era of hacking and security that calls the whole responsible disclosure and “ethical hacking” issues into a new light. So why talk about security drivers circa 2007 halfway through 2011?

At first I chalked it up to having people who really don’t have any security background and not living security being put in a position where they are forced to talk about it. But then I thought about it some more. It is more than just another empty suit talking about security, it is a chronic problem in the security industry.

I have heard it from other security executives too. When speaking to customers and the public they don’t think the audience is sophisticated enough to really “get it”. So instead of giving it to them straight, lets give them what they can understand. It is LCD (least common denominator) security marketing. Give them something simple enough that they can put their mind around it, that has examples that have already been established in the public consciousness. This way we don’t have to explain too much and we don’t have to open the kimono about our solutions being perhaps only an inch deep. KISS, keep it simple stupid. If only the world really worked like that though.

But why should we be surprised with least common denominator security marketing when too many security companies sell least common denominator security solutions. You know, the check box security that allows people to say they have complied, but leaves them defenseless when LulzSec and the like put them in their sites.

I think the whole thing is an outgrowth of the old enterprise security vendor approach of watering and “dumbing down” their solutions for the mid-market.  It didn’t work then and LCD security and LCD security marketing doesn’t work now. 

Yes, you may fool some people for some of the time, but you can’t fool all the people all the time and sooner or later it catches up with you.  The people and organizations relying on the security industry deserve better and we as an industry should be better than that!

Related articles
Enhanced by Zemanta

Posted at 04:44 PM in compliance, General Background, General Security, other security companies, Security Consulting, the security industry | | TrackBack (0)

April 19, 2011

FireMon Leapfrogs Competition In Risk Analysis

FireMon (formerly Secure Passage) today announced the acquisition of a company called Saperix Technology. Saperix Technology’s major asset it seems is some patented risk analysis technology that was developed by the MIT Lincoln Labs over the last 10 years.

Of course FireMon is in the firewall/security device management space that I follow pretty closely.  I wrote about the space last shortly after RSA. At the time I noted that some of the players in the space had moved into risk analysis, while others actually came from the risk analysis space into device management (Skybox Security, Red Seal).

At the time I though that FireMon had not kept pace with the others on that front. With today’s move and from what I have seen and been told, it would seem FireMon may have in fact leapfrogged the competition with this smart buy.

I had a chance to sit down and talk with Jody Brazil, President of FireMon last week about the acquisition.  Jody wrote a great blog on the details behind the deal on the FireMon blog today too.

Suffice to say that according to Jody the real thing holding back wider adoption of this type of risk analysis at the enterprise to this point was that frankly it didn’t scale. It wasn’t fast enough or scalable.  That is where this government lab developed technology is different. According to Brazil this technology is enterprise ready in terms of scalability and responsiveness.

The FireMon folks say they have really got something here and will be integrating it into the FireMon product line in a very short time (read that in weeks, not months).

Gary Fish of Fishnet Security is the CEO of FireMon and Gary knows a thing or two about acquiring companies. He says that he is not done yet with acquisitions.  He thinks the future of FireMon is to continue to grow organically, as well as by strategic acquisition. Gary is pretty pumped up about this acquisition as well. 

It sounds like FireMon is going to reassert itself as the leader in this space. With Gary Fish behind it and a solid technology base that they are adding to, it might be a wise bet to bet on FireMon.

Related articles
Enhanced by Zemanta

Posted at 09:34 AM in General Security, MandA, other security companies | | TrackBack (0)

April 14, 2011

Independent Lab Tests; Maybe We Don’t Like Them Too Independent

I have been watching with some amusement this week as the furor over the NSS Labs Firewall report continued to grow.  Now as my friend Bill Brenner details, both Fortinet and Sonicwall are griping about the findings of Rick Moy and his teams testing.

This is not that different than when NSS released their first IPS report a few years back. In that one many of the leading IPS players did a lousy job on real world type of attacks.  One vendor (I think it was Tipping Point) actually failed to identify and block a large percentage of attacks. Again the vendors were up in arms.  But you know what by the time NSS did a second IPS test about a year later many of these IPS vendors did a much better job. Maybe having the truth out there forced them to shape up and actually improve the product.

I had a chance to speak with Rick Moy the other day about the testing and results. Rick pretty much confirmed what I already knew. Very similar to the IPS test, they took these boxes into the lab and ran their tests. The results are what they found.

You may ask why is that different than any other independent tests or product reviews? Well therein lies issues. As someone who has been there, most of the lab tests and product reviews are anything but real world.  Usually the vendor insists on having an engineer present during the test so he can tweak, tune and frankly do whatever it takes to make the box pass the test.

Another way these tests are usually skewed is the testing is not in real world scenarios. They may use large packets, but not small packet or vice-versa but not real world traffic. Other times exactly what kind of tests and attacks will be tested is agreed on before hand so that the vendor can tune up their box and make sure it handles everything the lab is going to throw at it before it is sent over.

Then on top of this, how many lab or reviews have you seen where no one fails anything, there are just varying degrees of great. No one wants to say a bad word about a vendors product.

Why would they? If they did the vendor may not want pay for the lab to test the product again or not take ads in the magazine or what have you.

That is why I like the NSS approach. I remember speaking about it with Rick years ago at RSA. NSS has turned the model on its side. Vendors don’t pay for the testing, the readers of the reports do. So now the vendor has no control over what the lab does or writes.

I think it is refreshing to get a truly independent test and view for a change. Many in the security industry have been calling for this type of thing for years. But it seems when it the test is on your product it is a case of “be careful what you wish for”

Related articles
Enhanced by Zemanta

Posted at 08:12 AM in Cisco, General Security, IDS/IPS, other security companies, the security industry | | TrackBack (0)

April 11, 2011

Glass House Syndrome and the Security Industry

Barracuda Networks

Image via Wikipedia

By now you have probably read about the hacking of Barracuda Networks website. Barracuda has also posted their official response to the incident via a blog post by Michael Perone, CMO of Barracuda. Another report came out shortly thereafter indicating that the attack was the work of a Malaysian group called, HMSec.

It appears that the information made public while embarrassing for a security company to have disclosed, was not financially in and of itself valuable.  Of course any security breach at a security company could be damaging to their reputation and with that damage to reputation, could come financial loss. 

However, lets be clear here.  This kind of thing could happen to any of us. In my case it did. It was just three or four years ago that my blog and email accounts were hacked. But besides that, Barracuda joins some decent company. RSA, McAfee, Symantec, Comodo, Kaspersky and Google to name a few, have all suffered hacking attacks.

So this really is a case of it could happen to any company. Recently it appears that security companies themselves have been targeted by hackers. For that reason any company that would fault Barracuda for what happened here is really playing with fire.  They may find themselves the next one in the glass house while someone else throws stones.

This point was brought home to me by the tweets I saw after this incident was originally reported.  Josh Corman of 451 Group said he wasn’t interested in hearing from companies who would say this sort of thing would never happen to them.  Mike Rothman and Bill Brenner agreed +1 and +1000.  Martin Mckeay wondered why he didn’t already see marketing around this story.

Is that really the sad state of our industry? Are there people arrogant and stupid enough to stand up and throw stones at any of these companies that have suffered breaches, as if it couldn’t happen to them?  I would hope not, but maybe I am wrong.

In the post from Barracuda they say that their WAF was inadvertently placed in passive mode and then shut down for a maintenance window. The inference being that had the WAF been up, this would not have happened. Of course there are some who in their best SNLChurch Lady voice say “how convenient”.

But really does it matter? If the WAF was up, but there was some spear phishing that gave the attackers a vector in, would you feel differently?  There is no guarantee that you cannot be hacked. I don’t want to use the APT word, but no one, no one is 100% immune.

So if we really have members of our industry who would say this could never happen to them, shame on them. Pride is the deadliest of the deadly sins.

The only real lesson to be learned here is that it could happen to you or I or any of us. That is why we have to  be ever vigilant and work as an industry to safeguard not only our own but the property of others as well.

Related articles
Enhanced by Zemanta

Posted at 11:29 PM in General Background, other security companies, phishing, security tips, twitter | | TrackBack (0)

Good News From Alert Logic

Image representing Alert Logic as depicted in ...

Image via CrunchBase

My friends at Alert Logic posted two press releases today containing good news for the company.  In the first release they announced that they had raised a Series E round of funding totaling 12.6 million dollars.

Besides existing investors, Updata Partners, Covera Ventures, DFJ Mercury, and Access Venture Partners, several members of the company’s management team invested as well.  It is always a good sign to see the management team putting skin in the game. The money will be used to expand all phases of the business.

In the second release, Alert Logic announced that they had broken through the 20 million dollar revenue run rate barrier. In the past I have taken private companies to task for releasing “another great record quarter” press releases. The reason I have is because they usually don’t include the actual numbers. But in this release Alert Logic announced 2.3 million in new ARR for the quarter, bringing the companies ARR to 20 million.

It would seem that Alert Logic’s SaaS delivery model and strategy of selling through cloud and hosting providers is working and paying dividends. The company has doubled revenue since 2009 when they began to pursue the service provider channel.

Very impressive news from Houston. Congratulations to Gray Hall, Misha Govshteyn, Urvish Vashi (an old Interliant friend) and the rest of the team there.

Enhanced by Zemanta

Posted at 08:44 AM in friends, General Security, other security companies, outsourcing security, SaaS, the security industry, vulnerability management | | TrackBack (0)

April 05, 2011

Life without Firewalls - Possible,Yes Practical, No

An illustration of where a firewall would be l...

Image via Wikipedia

SC Magazine UK edition had an article the other day by Dan Raywood. He tells us of Kevin Dowd, CEO of CNS Networks and Security who has been running an experiment for years now running a network without perimeter firewalls. 

The premise is that we rely too much on our firewalls, they are not a magic bullet and you can have a secure network without them.  You can read the article for all of the tricks and tweaks done to try and secure the network.  They try to keep the network as simple as possible and actually seem to substitute a lot of host based firewalls in place perimeter firewalls.

As we used to say as little kids, “anything is possible”. But just because something is possible, doesn’t mean it is practical or even advisable. Why you would want to tie one hand behind your back and get into a street fight is beyond me.  Just doesn’t make a lot of sense.

My friend Jody Brazil, CEO of FIremon had some thoughts on this as well. He actually went through the exercise of pointing out some of the pitfalls and reasons you wouldn’t want to do this. You can read his thoughts at the link above.

But really, I would think we have all learned that there are no magic bullets in security. Why one would want to take a tool like a firewall out of the hands of security and network admins just doesn’t make a lot of sense to me.

Enhanced by Zemanta

Posted at 09:02 PM in General Security, other security companies, SC Magazine, security tips, the security industry | | TrackBack (0)

March 29, 2011

Webinar about DLP for Mid-Size Health Care with Palisade Systems

Image representing Palisade Systems as depicte...

Image via CrunchBase

My friends at Palisade Systems are hosting a webinar on April 6th on mid-size health care organizations using DLP to comply with regulatory requirements and cost-effectively improve their security and data protection posture.

Richard DeRoche, information technology director for Lutheran Life Communities (LLC), a mid-size and growing provider of healthcare services, will be talking about how he has used the Palisade’s DLP solution.  I will be joining Richard on the panel, along with Guy Helmer, Ph.D., CTO of Palisade Systems.

Palisade Systems, besides being a great solution for the SMB DLP market is a big supporter of the Security Bloggers Network and has for years been a sponsor of the Security Bloggers Meet up at RSA.

On top of this, Guy Helmer blogs himself on the InfoLoss blog. If you haven’t read any of his stuff, you should check it out for sure.  He usually has some great content. Of course Guys’ blog is part of the Security Bloggers Network as well.

The webinar is at 11am eastern time on April 6th. It will be recorded and available to download and listen as well. Of course if you aren’t on live, you can’t ask questions.  So if you can, don’t miss it.

You can register for the webinar at http://palisadesystems.com/webinar-event/.

Please join me and learn a little bit about DLP and Palisades Systems.

Related articles
Enhanced by Zemanta

Posted at 10:59 AM in compliance, General Security, links and appearances, other security companies, security bloggers network | | TrackBack (0)

Next »
My Photo

Subscribe to my blog

Enter your email address:

Delivered by FeedBurner

Lijit Search

Blog Networks

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.

Search

Lijit Search

Attend a Computer Forensics Boot Camp to better your skills and become a better worker

Categories

Track my blog stats

Blog powered by TypePad
Member since 10/2005

About