the State of Security

_Best Practices In Virtualization

Maybe your kung fu isn’t working…

by Dwayne Melancon

My friend and IT thought leader, Gene Kim, often refers to high-performing IT shops as “people with good IT kung fu.” What he means by that is that these organizations have good skills, agility, and effective practices. Lately, the news has been full of reports of botnets and other attacks that have gone unnoticed for [...]

Read More

Does Compliance = Security?

by ~Previous Contributers

By:  Sean Sherman Compliance programs sometimes get a hard rap. The recent Heartland Data breach and the subsequent verbal thrashing of the PCI compliance program at a congressional hearing might put that compliance program’s relation to security into question. In this case, Congress seems to have asserted that security equals compliance, and failure of one [...]

Read More

Question: When Is It Acceptable To Patch QA Environment Ahead Of The Production Environment?

by ~Previous Contributers

A buddy of mine is head of information security at a large insurance company, and we were talking about a common area of passion for us: implementing controls in pre-production. He told me about an argument that came up between him and his QA manager. This QA manager was already getting harassed by the rest [...]

Read More

Got skillz?

by Dwayne Melancon

Just perusing a solid article from Alan Joch on “6 Tips for Server Virtualization.”  All of his recommendations are right on, but I find them to be ‘necessary but not sufficient.’ One thing he doesn’t explicitly mention is to invest in developing your own standards, policies, practices, and competencies within your organization so you can [...]

Read More

Let’s Get Virtual: Tripwire Virtualization Survey Results

by ~Previous Contributers

By: Mark Gaydos Let’s get virtual, virtual, I wanna get virtual, let’s get into virtual Let me hear your systems talk, Your systems talk, let me hear your systems talk! Tripwire has released the results of the first annual Tripwire Virtualization Security Survey. There are some interesting results. Many of the results one would expect [...]

Read More