My Thoughts on my Recent Trip to Mexico and LATAM’s Position on Information Security: Bigger and More Expensive Means Better?

October 14, 2016 — by Carl Herberger0


Most recently I traveled to Mexico City in large part to support a tradeshow and presentation I was to deliver at Segurinfo Mexico 2016.

My hat’s off to the organizers of Segurinfo Mexico 2016, which is held in Mexico City every year as they held a very powerful event! Over the past few years this event has continued to build attendance and interest at a brisk pace as they achieved a record high attendance and a wonderful gathering of vendors and practitioners alike. All-in-all, I believe that if one couldn’t learn something from the Segurinfo Mexico 2016 show then the problem probably laid more with the seeker than the organizers of this show!

Application DeliverySecurity

Security Threats Are Like a Box of Chocolates

September 14, 2016 — by Frank Yue2


You never know what you are going to get when you take something from a box of chocolates. I can guarantee you that sometimes you will get one that you like, and other times, well, you know. When I was younger, my mom used to pick up a chocolate and poke through the bottom of it to see what was inside. If she didn’t like it, she would put it back in the box for someone else (read: the kids) to eat.

Managing security on the network is very similar. There are many different types of attacks and it is important to have security solutions that can manage as many as possible. Some of the attacks are easy to identify and mitigate, while others are less appetizing to deal with. Different attack types need to be detected and mitigated. Like my mom, some attacks are better suited to be identified in one location and mitigated (eaten) in another.

Cloud SecuritySecurity

Shadow IT – Security and DR concerns?

September 6, 2016 — by Prakash Sinha0


According to Gartner, on average, 28 percent of IT spend occurs outside the IT department today. IT behind IT’s back, commonly called shadow IT, is primarily driven by easily available cloud services. Mobile growth and work shifting practices enables the shadow IT further with employees’ desire to work from anywhere. Shadow IT are typically services and applications that an organization’s IT department has had no role in selecting or vetting, and IT may not even be aware that these services and applications are being used within the network.

Convenience and productivity are often the drivers for adopting shadow IT. Employees deploy solutions that are not approved by their IT departments and many times, the reasoning is that going through the traditional route for approvals is too complicated or time consuming.


CHI-NOG 2016 Recap

July 21, 2016 — by Ron Winward1


A few weeks ago I had the honor of presenting at the Chicago Network Operators Group (CHI-NOG) conference about the current DDoS Threat Landscape and some of the tools people are using to attack networks today. It was the sixth iteration of the event, which continues to grow in size and content, and the second time that I have been fortunate to present about DDoS. Radware was pleased to be a sponsor of the event this year.

Attack Types & VectorsDDoSSecurity

Early Attack Activity Forcing New Thinking in Healthcare IT/Security

July 7, 2016 — by Ben Desjardins0


Every year when we conduct our survey for the Global Application & Network Security Report, one of the more interesting things to observe is how different industries are viewing the threat landscape. Changes such as technology adoption within industry tend to create new points of vulnerability, which quickly become the targets of malicious actors looking to exploit these new-found points of access. This year has been a particularly eye-opening year for the healthcare industry, which has seen a rash of recent attacks targeting their increased reliance on technology and networked data, often through the tactic of ransom attacks.

The increase in ransom attacks was one of the many interesting angles we saw within the inputs of the healthcare industry through our survey. Others provide additional insight into areas IT and security practitioners in the space have more or less concern, or feel either exposed or more or less secure.


Adaptive Managed Services Bolster Security

June 30, 2016 — by Jason Ford0


By Jason Ford, Chief Technology Officer of BlackMesh

The benefits of relying on a managed service provider are seemingly endless. Managed services can help organizations focus on business strategies, conserve funds and resources, mitigate risks, and maintain, operate, and deploy environments. In recent years, however, the IT industry has come to a crossroad where managed services meet security. With the current threats of cyber hacks and intrusion methods being what they are, security is as important – or perhaps more important – to system owners as any other advantages they garner from a managed service provider. While championing the incomparable value correlated with having a powerful and dependable infrastructure without having to manage it, enterprises now can – and do – feel the same about managed security services.


Your Right to Privacy

June 22, 2016 — by Radware0


If George Orwell was alive today, he would probably be considered an optimist as far as our right to privacy goes. That’s the perspective of our Vice President of Security Solutions and cyber security expert, Carl Herberger. Last week, Carl sat down for a Facebook LIVE event to discuss our right to privacy, and how to defend against it in the face of growing security threats. He discusses a number of recent hacks, including those on financial institutions, the healthcare system, and even dating websites, like Ashley Madison. He also addressed a number of questions from followers, such as what we should avoid posting on social media, how online privacy works, and what expectations of privacy we should have in an age of the Internet of Things and constant data breaches.


Fraud on the Darknet: How to Own Over 1 Million Usernames and Passwords

June 16, 2016 — by Daniel Smith3


Over the last several weeks, we have all become conditioned to mega leaks. 117 million from LinkedIn, 360 million from MySpace, 68 million from Tumblr and 127 million from Badoo. That’s over a half a billion emails and usernames up for grabs! This is a gold mine for hackers. Researchers are not the only ones that obtain and analyze leaked databases. Often times, hackers will keep databases for themselves so they can conduct malicious activity with the credentials.

Application DeliveryWPO

Cloud Load Balancing – Does your provider have what it takes?

June 14, 2016 — by Prakash Sinha0


Cloud computing brings cost efficiency and deployment flexibility to applications. These advantages are driving the demand for cloud-enabled applications. The move to the cloud raises concerns for service levels such as availability, security, and on-demand scalability for the applications.

For many years, application delivery controllers (ADCs) have been integral to addressing service level needs for enterprise applications deployed on premise. As data centers consolidate, end users connect remotely from a variety of locations with varied devices. Many enterprise applications are typically not designed out of the box to meet today’s quality of experience (QoE) needs.


The Alpha, The Beta and The Omega: A Cyber Security Fairy Tale

June 9, 2016 — by Carl Herberger1


There once was a big, big, company who had many powerful subsidiary companies, some of which were acquired and some of which were part of the big, big company’s heritage product lines.

This big, big company made many meaningful products and services which were both adored and deeply needed by their many customers, and whose name was known to nearly all in the land.