[SecurityRatty] tag: point-in-time

Check Point appliances fight spam, protect industrial networks

Thu, 20 Nov 2008 21:00:00 +0000

Check Point Software is upgrading its multifunction security appliances with antispam capabilities, support for secure wireless connectivity and protection for devices that control industrial infrastructure.

Don't just stand there... do something!

Wed, 12 Nov 2008 08:57:54 +0000

At some point, we the users of vulnerable technologies need to tell the experts to stop posturing and just do the right thing.

Security at the point of sale

Tue, 04 Nov 2008 02:00:00 +0000

Retailers often find themselves facing sophisticated networks of thieves intent on spoofing point-of-sale systems.

Really Good Point From Schneier ...

Wed, 01 Oct 2008 10:36:00 +0000

Read all here; the key point is: "The same is true for knitting needles [...] and whatever else the airport screeners are confiscating this week. If there's no consequence to getting caught with it, then confiscating it only hurts innocent people. At best, it mildly annoys the terrorists.

To fix this, airport security has to make a choice. If something is dangerous, treat it as dangerous and treat anyone who tries to bring it on as potentially dangerous. If it's not dangerous, then stop trying to keep it off airplanes. Trying to have it both ways just distracts the screeners from actually making us safer."

Doesn't it just make sense?!

Security's connections and intersections

Sun, 28 Sep 2008 20:00:00 +0000

Security is perhaps the most difficult intellectual profession on the planet. The core knowledge base has reached the point where new recruits can no longer hope to be competent generalists; serial specialization is the only broad option available to them.

Cryptosmith Blog

Thu, 04 Sep 2008 07:43:11 +0000

Rick Smith has a blog called Cryptosmith. Rick has written extensively on authentication, crypto, and other pressing issues. A couple of his posts to point out

Models for Today's Security

The Center for Password Sanity

Check Point goes virtual with VPN-1

Sun, 17 Aug 2008 20:00:00 +0000

Check Point is introducing a version of its VPN-1 software that runs on VMware ESX or ESXi to protect virtual machines from one another when they are running on a single piece of hardware.

Majority of Web users share personal data online

Tue, 12 Aug 2008 09:00:00 +0000

AOL research shows 89% of Internet users have at some point willingly given away personal details online.

Fun Reading on Security - 6

Thu, 07 Aug 2008 14:01:00 +0000

Instead of my usual "blogging frenzy" machine gun blast of short posts, I will just combine them into my new blog series "Fun Reading on Security." Here is an issue #6, dated August 7th, 2008.

DNS + Karma = Boom! Enuf said. Also, hear Pete Linstrom squeal.
Fun essay on "blocking" and risk. Is it our job to stop'em from using Facebook?
MS Exploitability Index. Smart ... or misguidedly focused on "vulnerability release" (and not creation)
Chip-n-PIN, a PCI killer? I don't think so!
Mike R revisits "good enough security" - read it, then review your IR plans (...for you will be 0wned)
Very fun RSA survey here; data leakage beats malware again, people still not report incidents (to whom???)
More and more and more people point at idiocies of academic security research... Read the whole w00t 08 thread here. Weep. Laugh.
Neosploit has a bad quarter... breaks support "contracts" ... shuts down? Ah, the economy :-)
Awesome stuff from Richard Bejtlich: CAER.
"The Network Firewall is a Consensual Hallucination" :-)
More GRC-ball-kicking: here, here ("IT-GRC "vendors" are not IT-GRC vendors") - both are pretty insightful for GRC-lovers and GRC-haters)
More SIEM-ball-kicking: here ("underwhelming","ridiculous", "missing the point"), here ("dead ...unless","cripple")
Fun DLP portal launches.
Final word (?) on TerryChilds-gate here. "When management starts controlling the actions of admins, things start to fall apart." Huh? When management loses control of the business, it dies. Folks, IT vs IT security gap IS real. I never quite believed it, but this taught me a lesson. Some common security sense for a change (also here).

Enjoy.

How we tested Check Point's IPS

Sun, 03 Aug 2008 20:00:00 +0000

We installed the Check Point IPS-1 Sensor 200C on our production network. The IPS-1 Sensor 200C has four IPS interfaces which are paired into two sets of fail-open (or fail-closed, if you want) Gigabit Ethernet ports.