Get In Touch
Steve Ragan, a former hacker and current staff writer for CSOonline.com, joins me in part two of our series on Web security for small and medium businesses. The focus of this episode is on hacking techniques, attacks and defenses.
Hardware Security Modules (HSMs) are physical devices attached or embedded in another computer to handle various cryptographic functions. HSMs are supposed to provide both physical and logical protection of the cryptographic material stored on the HSM while handling cryptographic functions for the computer to which they are attached. As websites move to the cloud, are HSMs the right way to achieve our goals? Before we talk about goals, it is
Yesterday, Akamai InfoSec participated in a second Twitter forum as part of National Cyber Security Awareness Month. Participants supplied a ton of great resources, which I think is worth sharing here. See last week's Twitter chat about cybercrime defenseWhat follows are some of the tweets from the conversation. If you want to better understand the threats to critical infrastructure and what's being done about it, you'll find what follows useful.14hbaber @baberI was on
This month, I've been hosting a three-part webinar series on the challenges smaller companies face when it comes to Web security. This week and next, I'm presenting the recordings here. WellStar Health System Security Director Martin Fisher joined me for part 1: "What Web Security Means for Small & Medium Businesses."
Akamai Chief Security Officer Andy Ellis gives a whiteboard lesson on zero-day vulnerabilities. Class is in session:
In Episode 5 of the Akamai Security Podcast, I interview CSIRT Director Michael Smith. We discuss the role of CSIRT in researching threats and vulnerabilities, as well as keeping customers and the wider public informed of defensive measures they can take.--Listen to the podcast HEREBio: Michael Smith is a senior security manager with more than 20 years of experience in the IT security and intelligence fields performing security design and
Akamai's CSIRT team advises companies to check their systems for Web shells, executable code running on a server that gives attackers remote access to a variety of critical functions. Online adversaries can install Web shells by compromising legitimate Web applications on a server, using such tried-and-true techniques as SQL injection, Remote File Inclusion, an unvalidated file upload feature or through a valid user's stolen credentials. Here are the basics of
Yesterday, Akamai participated in a Twitter forum on cybercrime as part of National Cyber Security Awareness Month. Participants supplied a ton of great resources, which I think is worth sharing here. What follows are some of the tweets from the conversation. If you want to stay out of the attackers' crosshairs -- or if you're a victim looking for help -- you'll find what follows useful.ESET @ESET13hIf you're a victim, DOJ has
Akamai CSO Andy Ellis gives an overview of tokenization and why it exists, as well as a brief history of the credit card industry.