Few software companies have beat the security-begins-in-the-application-development-process drum louder than automated software testing solutions vendor Parasoft Corporation. “Prevent errors as you write the code,” is the company mantra (if not exactly its slogan). The advent of service-oriented architectures that support wide-scale use of Web services makes that message even more urgent, says Wayne Ariola, Parasoft’s VP of corporate development.
In 2002, when IPLocks was founded, the enterprise database security conversation was all about perimeters and encryption, and the company’s products reflected that focus. But the conversation has taken a turn in recent years. Organizations are concerned about internal intrusions, the misuse of sensitive information by trading partners and sustaining regulatory compliance. IPLocks has responded to that shift with a broader approach, says CTO Adrian Lane, which it calls information risk management.
Why do so many application development organizations push security to the back of the bus? One reason, says Gartner analyst Ray Wagner, is that security requires a level of expertise most developers don't have.
SIMs collect raw data from security-related software and systems, correlate it, aggregate it and then present it in a way that makes it actionable.
When Iron Mountain lost 40 backup tapes containing personal information about 600,000 current and former employees of Time Warner earlier this year, it grabbed headlines, but it wasn't such big news. The Time Warner incident came just weeks after Bank of America reported losing backup tapes containing financial information about more than 1.2 million federal employees, including 60 U.S. senators. And a month before that, Ameritrade acknowledged losing backup tapes containing information about 200,000 clients.
IBM recently introduced software it says will allow companies to share and compare information, while protecting private and sensitive personal information.
Between 30 to 60 percent of the security budget increases in the last two years can be tied directly to compliance, according to analysts at Nemertes Research.
In a bid to help SMBs address IT security, reliance and compliance needs, IBM recently announced a new suite of Express hardware, software and services.
E-mail encryption is now one of the fastest-growing categories in the e-mail security market, concludes a recent study by Osterman Research, and it’s likely to grow by more than 100 percent over the next 12 months. One of the key drivers of this warp-speed growth spurt, the analysts found, is corporate anxiety about regulatory compliance.
E-mail encryption is now one of the fastest-growing categories in the e-mail security market, concludes a recent study by Osterman Research, and it’s likely to grow by more than 100 percent over the next 12 months. One of the key drivers of this warp-speed growth spurt, the analysts found, is corporate anxiety about regulatory compliance.
Tricky security requirements and a lack of clear-cut standards make exposing applications as Web services a high-wire act.
In an effort to help companies develop secure applications for Microsoft .NET and Java, PreEmptive Solutions released Dotfuscator Professional Edition 3.0 and DashO 3.2.
It’s April 12, and do you know where your Windows XP systems stand? The mechanism to temporarily disable delivery of Windows XP Service Pack 2 (SP2) expires today. Microsoft allowed temporary disablement through Windows Update and automatic updates for a period of eight months, starting August 16, 2004, to give customers more time for validation and testing of the update. But now, time’s up.
If you're not nervous about identity management and security in your organization, you're just not paying attention. Recent ID heists at ChoicePoint and Bank of America lit a veritable bonfire under Congressional behinds, and lawmakers are set to put the onus for safeguarding customer info squarely on the shoulders of the enterprise.
The ZigBee Alliance has begun promoting a new adopter class level of membership, which the group hopes will appeal to companies that want to develop ZigBee-based products, but don't care about extensive participation in the organization promoting them.
Computer security guru Gary McGraw is famous for pushing developers to take responsibility for building secure software. The operations side can only do so much with buggy applications and flawed systems, he has said. It's up to "the guys who build stuff for a living" to stop thinking about security as a feature, and to begin seeing it as an emergent property of a whole system.
To regulate or not to regulate; that was the question for a panel of IT industry notables at last week's RSA security conference in San Francisco. In an on-stage debate that sparked some heated exchanges, the panel--which included former White House cybersecurity czar Richard Clarke, Information Technology Association of America (ITAA) president Harris Miller, TechNet president Rick White, and IT security expert and author Bruce Schneier--took on the issue of software liability and whether there should be more government regulation of the private sector, including the technology industry.
The 14th annual RSA 2005 Security Conference and Expo, under way this week in San Francisco, saw an upstart and an old rival announce products and initiatives aimed at taking market share from the event's namesake.