[SecurityRatty] tag: list

EM7 helping customers make the Deloitte Technology Fast 50?

Thu, 09 Oct 2008 18:15:42 +0000

Now in its 14^th year, Deloitte’s Technology Fast 50 program recognizes the fastest growing technology companies in a given geographic area. The basis of the selection is a company’s revenue growth over a five-year period. These companies can be public or private and can encompass all technology, media, telecommunications and life sciences industry sectors. Not all the regions have reported winners, but the results are in for Virginia and Maryland and we’re happy to say EM7 customers are very well represented by the ones that made it.

Congratulations to:

EM7 at the Merkle NOC

And we must point out that Hughes topped the Maryland Technology Fast 50 list with an astounding growth rate of 138,762% over the past 5 years! Wow, it would be tough for any company in the world to beat that growth rate, but all kudos must go to Hughes and this incredible achievement. I’m sure we’ll see them on the National Technology Fast 500 list coming out soon.

Now I would like to say that without ScienceLogic and EM7 much of this would not have been possible, but of course that statement would be an incredible stretch. What I can say is that our product and our technology has had a profound impact on the operational efficiency for HughesNet, so perhaps you can give us, using a basketball analogy, 12 assists in the game.

Interesting to note, several other award winners are in the midst of product evaluations as we speak. I think that EM7 Meta-Appliances are a strategic weapon within each of these businesses to leverage our technology in interesting ways which create huge organizational value and operational efficiencies.

So to all those companies who have won this year… a BIG congratulations from the bottom of my heart. For our existing customers who made the list this year… keep working hard so you can make it again next year. For ScienceLogic, stay tuned in: We were not quite big enough to make the list last year, however I am very excited about our growth in 2008 and am quietly confident that you will see us on the Virginia Fast 50 list next year!

Do-Not-Call Lists

Tue, 07 Oct 2008 11:51:16 +0000

Turns out you can add anyone's number -- or remove anyone's number -- to/from the Canadian do-not-call list. You can also add (but not remove) numbers to the U.S. do-not-call list, though only up to three at a time, and you have to provide a valid e-mail address to confirm the addition.

Here's my idea. If you're a company, add every one of your customers to the list. That way, none of your competitors will be able to cold call them.

Links List 10.3.08

Fri, 03 Oct 2008 16:55:16 +0000

Well finally, an upside to the financial crisis – more students in computer science. After the dot-com crash, enrollment went down in computer science, almost 50% since 2003. Many students shifted their interest from the technology field to banking and finance because they thought they’d make more money. And now the financial crisis could scare them into choosing majors and careers that are “safer alternatives”, like IT. And perhaps the trend is reversing for those already on Wall Street as well. Ben Worthen writes about the influx of resumes Kodiak Venture Partners has been getting: from financial-services vets who want to work at tech startups, – not to “strike it rich” this time around, but just to make a living. And it’s not just the tech workers. Seems like the ones that don’t even have any real IT experience are looking too – for jobs as VPs of marketing (harrumph). (img from www.fas.org)

I’m sure you already know about the other “network management” – where ISPs and carriers get their hands publicly slapped for limiting bandwidth to high-traffic offenders. But when is this kind of “network management” a good thing? At a panel sponsored by the FCC in DC, reps from carriers and ISPs discussed what steps they’ve been taking to prepare for a pandemic or other major global crisis – that would force workers to stay at home or work from more remote locations to limit exposure.

Are people paying attention to ICANN? They’re saying that IPv4 will be fully allocated in the next two or three years. Does anyone care? In their bid to make people care, ICANN talks about the state of IPv6 adoption and touts Africa as the most rapid adopter.

SOA soon part of the ‘cloud’? No, please no.

Microsoft – The Silver Lining in Every Cloud. Joe Wilcox over at eWeek’s Microsoft Watch, has been following Steve Ballmer around and collecting some nice quotes on how the company is transitioning. “For many years, we had kind of what I would call the all-encompassing mission, vision and scorecard statement: a computer on every desk and in every home. …Well, our footprint and portfolio is broader than that. “ [In every hand and of course, in every cloud…] “So, as a vision statement we talk about creating seamless experiences that combine the magic of software, the power of the Internet across a world of devices.” The magic of software – something I haven’t thought about for a while. And:

“You need a real platform in the cloud. When we wanted to go after the PC, we built an operating system. When we wanted to go after the phone, we built an operating system. When we wanted to go after the enterprise, we built an operating system. We’ll announce a new operating system, one that runs in the cloud and has a wide variety of capabilities.”

Web Based Malware Eradicates Rootkits and Competing Malware

Wed, 01 Oct 2008 14:08:43 +0000

A tiny 20kb antivirus module within "yet another web based malware in the wild", promises to get rid of all Zeus variants, and also, detect and remove rootkits found on the infected system in order to ensure that it's the only malware the victim remains infected with. What's really special about its command and control interface is that it's AJAX based, with the seller pitching the feature as "you no longer have to hit F5 in order to see how's your malware campaign doing".

Here's a brief (translated) description :

- Simultaneously execute different campaigns, allocate specific bots for specific countries only, set time and data for automatic update with the new binaries
- Firewalls and antivirus bypassing capabilities, Anti-tracing, anti-reverse engineering
- Self defense mechanism for harder removal
- ICQ notifications for finished tasks, newly infected hosts, graphical statistics

Exactly how it removes rootkits remains yet unknown due to its proprietary nature and brief description, but resetting the hosts file and taking advantage of updated BHO list of known malware are among the ways it removes competing malware.

Monthly Blog Round-Up - September 2008

Wed, 01 Oct 2008 12:19:00 +0000

As we all know, blogs are a bit "stateless" and a lot of good content gets lost since many people, sadly, only pay attention to what they see today. These monthly round-ups is an attempt to remind people of useful content from the past month!

So, here is my next monthly "Security Warrior" blog round-up of top 5 popular posts and topics.

Shockingly, AGAIN this month, the "Top 11 Reasons to Secure and Protect Your Logs" came up as #1 most popular post (maybe driven by my poll). BTW, see my other logging polls.
Security ROI - and its parent topic "security metrics"/"measuring security" - is definitely an ongoing HOT debate. Indeed, the old post "Security ROI Pile-Up!" takes the #2 spot this month, possibly propelled by a more recent post "Second ROI War."
Some say that "short blog posts rule", but, in reality, good, fun content is the best. Here is an example: "Dumb Luck IS a Strategy!" post makes the top list. In it, I try to explore why people still ignore security concerns even if stare people in the face...
Discussion on what you can do to soften the impact of "getting 0wned" ( "What CAN You Do?") made the top list. Good!
As before, my post "11 Signs That Your SIEM Is A Dog or "Raffy, You Killed SIM!"". It is both humorous and sadly true (and backed up by other sources)
Still burning hot is a post with my irreverent comments on a Terry Childs saga. Namely, "On Doomsaying (Terry Childs case)", "So ... Am I? Maybe I Am!" and "Admins , Good Guys or "I am NOT an Idiot!""

See you in October.

Possibly related posts / past monthly popular blog round-ups:

Technorati Tags: blog,security,loggings,monthly

All Quiet on the CA Front

Wed, 01 Oct 2008 11:31:54 +0000

If you’ve read the blog, you know that we follow the Perils of CA with much amusement. Honestly, you couldn’t make up the stuff that Sanjay Kumar et al were and apparently are still making headlines with “35-day months”, accusations that founder Charles Wang knew and was part of the whole mess, a former US senator involved too, Sanjay’s unbelievable $1 billion in restitution…and the list goes on. (img from NYTimes.com)

But I am reminded that it’s not just the titillating stuff that’s of interest. CA is still one of the Big 4 and up until a couple of years ago making headlines with some major and strategic purchases in our space – such as buying Concord for its e-Health software in 2005 and Wily Technology in 2006.

I recently ran across a 451 Group report, “CA: ghosts of deals past” by Brenon Daly (if you haven’t read one of his takes on the M&A market, you don’t know what you’re missing) that showed quantitatively just how much the acquisitions had slowed down.

2003 – 4

2004 – 3

2005 – 6

2006 – 6

2007 – 0

2008 – 0 (so far)

Two or three years ago (I still have the slide in our presentations), it seemed like you couldn’t go a month or two without hearing about the latest acquisition by the Big 4 – to either fill gaps in their monolithic portfolios or take out a growing threat, which had built some good technology. This should sound very familiar to anyone (like me) who rubbed up against WorldCom. Growth (in revenue and technology) by acquisition. Buy your own revenue and don’t worry about the niggling details like integration.

But we’ve certainly seen the acquisition trend slow across the board. HP, after its mega-purchase of Mercury Interactive in 2005 for $4.5 billion, for example, went relatively silent on the acquisition front in our space. Perhaps, as it turns out, because they were too busy preparing for the even bigger purchase of EDS for $13.9 billion (and the layoffs, 24,600 and counting, which in this worsening economy are probably just starting).

Dedicated to All PMs Out There

Wed, 01 Oct 2008 10:54:00 +0000

A must read on product management... funny as life :-)

"You Might be a PM if…

· … someone asks about your weekend plans and your answer consists of a list of Pri ones, twos, and threes.

· … you’ve ever ended a relationship using a PowerPoint presentation."

(more)

MI6 Terror Suspects Pictures Found on eBay Camera

Tue, 30 Sep 2008 07:18:12 +0000

The types of data breaches in the UK never seize to amaze me. If you ever need proof that security is a People, Process and Technology problem then stories like this serve as a good reminder. http://www.thisislondon.co.uk/standard/article-23561908-details/’MI6’s+t/error+snaps%27+on+eBay+camera/article.do Thanks to Daniel for posting on a list……

You Might be a PM if

Tue, 30 Sep 2008 06:41:28 +0000

· … someone asks about your weekend plans and your answer consists of a list of Pri ones, twos, and threes. · … you’ve ever ended a relationship using a PowerPoint presentation. · … you shape your wedding plans around product releases. · … you can use all of the features of PowerPoint. · … you fail to associate [...]

Interop NY Survey Top IT Challenges, Trends and What IT is Spending Money On

Mon, 29 Sep 2008 23:00:37 +0000

I won’t belabor the point again but just mention it as context for the 2nd annual survey we conducted at Interop NY this year. As I was dragging myself to the very early keynotes at VMworld, things were falling apart on Wall Street, entire departments at Lehman were being let go, and the boys were in NYC getting the InteropNet show network up and running.

By all accounts the show did go on, and we have some very interesting results to share with you all.

Take the Top Challenges question. Once again, “Supporting New Technologies/Enabling Innovation” was most popular. But that’s a no-brainer and as one memorable respondent told me, “the definition of what I do”. What was more important was seeing the big jump that “Reducing Management Costs” made on the list, from #5 last year to #2 this year and only 1 percentage point behind #1. Tightening the belt is top of mind for everyone. (As I write, the Dow closed down today over 700 points)

Overall, IT professionals told us they were tackling the practical projects that should and could get done – from deploying Security Information Management solutions to getting Asset Management and Inventory Tools in place. For the first time, we saw a close correlation between what people said was important and what actually got done. Of low importance and even lower actual deployments – ITIL and CMDB, IPv6, Green IT and Cloud Computing.

And perhaps people “fessed” up about virtualization. Instead of the usual “high importance, not so many deployments now, but more deployments planned” theme we’ve been seeing around virtualization adoption, this year the very hot trend seemed to lose a bit of steam. Across the board, the numbers were down for virtualization management, with close to 50% of respondents telling us that their businesses were less than 10% virtualized (4% of that with no virtualization at all).

2008 Detailed Results – showing trends year over year

Comparison of Results from Interop NY 2008 vs FOSE 2008 (government IT)