Icon-add-to-playlist Icon-download Icon-drawer-up
Share this ... ×
By ...
DevOps.com Podcast with Mitchell Ashley and Alan Shimel
March 23, 2014 09:13 PM PDT
itunes pic

A new podcast for the new DevOps.com website hosted by Mitchell Ashley and Alan Shimel.

This is the introduction episode with a review of the first articles on DevOps.com

APT: the security threat we love to hate
December 03, 2013 10:39 AM PST
itunes pic

In this episode I am once again joined by my co-host, Mitchell Ashley and our guest is Michael Sutton, VP of security research at Zscaler. The topic is APT: Advanced Persistent Threat, the security threat everyone loves to hate.

Many people think that APT have been over-hyped by both the infosec media and APT vendors who have ridden the APT scare to fame and fortune (well to fortune anyway).  But APTs are real. Whether by spear phishing or water hole drive by downloads, targets are being infected with APT attacks, Once infected they are used to first infiltrate and then exfiltrate from high value networks.

Some APTs are the work of nation-state entities for strategic goals, others are financial in motivation. But they are seldom random.  Michael tells what Zscaler is doing to combat APTs. Mitchell and I have our own views on this whole class of attack and it makes for a good listen.  


Mitchell and Alan Together Again Discuss AWS and other things
November 20, 2013 10:54 AM PST
itunes pic

Sort of like Dean and Jerry getting back together Mitchell Ashley and I are podcasting together again! It was like old times with Mitchell as we settle into speak about what he has been up to over the last few years. We discuss the recent AWS re:Invent conference, the cloud, IT, DevOps, etc.

We only take this out for a 20 minute spin so it is a quick listen. Hope you find it as interesting and fun as we did. We will be hosting another episode next week with a special guest as we discuss APT.

Here are links to some of the stuff Mitchell and I discussed:
Bblog post on CIO role: http://goo.gl/fzH5K The CIO Role - From Tech Manager to IT Services Broker

AWS reference architectures.
- cloud bursting - https://devcentral.f5.com/articles/aws-reinvent-2013-cloud-bursting-reference-architecture-feat-pearce
- cloud migration - https://devcentral.f5.com/articles/aws-reinvent-2013-cloud-migration-reference-architecture-feat-pearce#.UoZvkGRgZIA

HIPAA Wants You To Keep The Firewall On
July 18, 2013 04:49 AM PDT
itunes pic

The University of Idaho was fined over 400k by the Departmenet of HHS recently for a breach that involved a clinic operated by the university turning their firewall off for 10 months. That seems pretty obvious to security folks, but goes to show that HIPAA fines are real.

I am joined in this podcast by Steve Spearman of Health Security Solutions, Billy Austin of iScan Online and Tim Woods of Firemon as we talk about what you can do to keep your firewalls up, secure your endpoints, find ePHI and avoid being the next big HIPAA story.


When HIPAA Is To Hard For Health Care, Outsource It!
May 14, 2013 08:25 AM PDT
itunes pic

HIPAA, HITECH and other regulatory compliance mandates have given many a health care professional headaches. It is hard enough practicing health care, dealing with complex insurance regulations and running a business. Making sure you comply with the latest patient confidentiality and security laws are frankly beyond many health care providers. Who are they going to call?

That is where Steve Spearman and his company Health Security Solutions comes in. Steve's company have become the HIPAA experts for health care providers throughout the country.

I had a chance to speak with Steve and find out how he makes these complex regulatory compliance issues doable for the doctors.

Have a listen and you can learn too!

In Security Response Does Not Trump Prevention
May 02, 2013 05:15 AM PDT
itunes pic

This episode of the Open Network is with Jason Brvenik, VP of Security Strategy at Sourcefire. Jason and I speak about the recent trend in security that acknowledges that successful attacks happen and we need to put resources into response, potentially at the expense of resources dedicated to prevention. Which is more important?

Jason's expertise in security gives us great insight into this question as well as some great advice for what you need to do in putting your security strategy in place.


The Real Cost of Security with Wendy Nather of 451 Research
April 04, 2013 07:15 AM PDT
itunes pic

One of my favorite people in the security industry is my friend Wendy Nather, Director of Security Research for 451 Research. Wendy has a new report coming out on the "real cost of security". This is somewhat of a follow up to her earlier "security below the poverty line" report. Wendy likes to look at what type of security CISO's think they need and what it actually costs.

It is always educational and fun to hear what Wendy has to say. Enjoy!

Trustworthy Computing Sponsors the Security Bloggers Network
March 01, 2013 08:45 PM PST
itunes pic

I am very pleased to report that once again the good folks over at Microsoft's Trustworthy Computing Group have agreed to sponsor the Security Bloggers Network.  The SBN has a long history of working with TWC and we are happy to work with them again.

Microsoft is holding their second annual Security Development Conference in San Francisco, May 14-15, 2013. The conference will feature Scott Charney, Corporate VP Trustworthy Computing, Microsoft; Edna M Conway, Chief Security Strategist Global Supply Chain, Cisco Systems; Brad Arkin, Senior Director of Security Adobe Secure Software, Engineering Team (ASSET).

Microsoft SDC

Conference specialty tracks target three different types of professionals: Engineers, Project Management, and Leadership. Combining keynotes from thought leaders as well as specialized breakout sessions, this conference is a can’t-miss for security professionals at any level. You can register now!

tim rainesI had a chance to chat with director of TWC Tim Raines. We were going to talk about the conference, but Tim and I started talking about the TWC, the world of security and what the challenges on the horizon are. By the time we were done, we never got to the conference, LOL!

Anyway, I think you will find the conversation very interesting. Enjoy and if you can go to the conference.

Alert Logic Partner Pavilion at RSA 2013 - Urvish Vashi
February 22, 2013 05:51 PM PST
itunes pic

This third in a series of podcasts about RSA 2013 and the the Alert Logic partner pavilion is with Urvish Vashi, VP of marketing at Alert Logic.

Urvish gives us the behind the scenes thinking on why Alert Logic thought it was important that they exhibit with some of their leading partners at RSA this year. He also tells us that it was not difficult to convince these partners that exhibiting at RSA was good for them. In fact it was somewhat of a no brainer for them.

I know Urvish for many years and he is a sharp thinker who understands the market and the technology. This is a short conversation and well worth the time to listen in.

Alert Logic Partner Pavilion at RSA 2013 - Navisite
February 22, 2013 05:46 PM PST
itunes pic

RSA Conference is where the world gathers around information security.  This year in addition to their own exhibit, Alert Logic is also hosting a partner pavilion where 5 of the leading hosting and cloud providers in the world will be exhibiting as well.

I had a chance to speak with Chris Patterson, VP of Product Management at Navisite, one of the Alert Logic Partners exhibiting.

Chris is one of the driving forces behind the Navi cloud.  He also has some great insight into the state of cloud security and what market drivers are influencing the direction of future innovation.

Chris shares some great insight into Navisite's offerings including not just cloud, but security, managed desktop and the state of the market.

It is a great conversation and worth the listen!

Next Page