Channel: Security – A Collection of Bromides on Infrastructure
Browsing all 48 articles

Above All Else…

I’m seeing a growing trend of compliance/policy enforcement tools avowed as security solutions, attempting to capitalize on the waning abilities of existing protection technologies to secure...

A-Tisket, A-Tasket

At Bromium, we think of everything, or rather we think of each thing you’re doing – as a task. In an earlier blog, our CTO, Simon Crosby, stated that we define a task as “the most granular unit of...

Are you the victim of a targeted attack?

You are constantly inundated with warnings about targeted attacks and Advanced Persistent Threats (APTs). But how can you determine if your organization is actually being targeted or is just...

The Ghosts of Malware Past

The year was 1987. Bon Jovi’s Livin’ on a Prayer was blasting through every cassette player. Fred Cohen, the man who arguably coined the phrase “computer virus” in his paper, Computer Viruses: Theory...

ISSA Journal: Heap Sprays to Sandbox Escapes

I’m pleased to post my article that got published in the January 2013 release of the International ISSA journal. The title of the article is “Heap Sprays to Sandbox Escapes: A Brief History of Browser...

The Friction Affliction

Reformed burglars will tell you that leaving the TV on at night is a better theft deterrent than the best alarm system. Most of us don’t think of our television as a security device, let alone a better...

So NBC.com got hacked. So what?

Earlier today, Brian Krebs tweeted about the NBC.com hack – at which point both Simon Crosby and I naturally headed to NBC.com to see what was what. Upon visiting the site we received a LAVA alert that...

BlackHat EU’13: Are You Playing Sandbox Roulette?

This week my colleague Rafal and I had fun presenting our latest research on sandboxing, @BlackHat EU, in Amsterdam. We showed how to bypass popular application sandboxes on Windows viz: Sandboxie,...

Always In or Always Out: Another BYODisappointment

Most CIOs that I meet have some sort of plan for BYOD. After all, the C-level execs want to use their MacBooks at home and at work! The idea is so popular that even the Federal Government is trying...

Micro-virtualization for the Security Architect

Micro-virtualization is a powerful construct that allows us to defend an endpoint “by design” – by hardware-isolating individual untrustworthy OS tasks using Intel® VT. (If you are unfamiliar with our...

vSentry and the Art of VDI Security

Much has been written about whether VDI itself is inherently “secure”. This blog will not attempt to answer that question. Instead I want to focus on how we, at Bromium, view VDI security, and how we...

Hey, We’re a “Cool Vendor”! Wait, What Does That Really Mean?

Every year, Gartner designates a select number of companies as “Cool Vendors” in their respective market categories. This year, I’m proud to say that Bromium has joined this elite group and been named...

The Problem

We’re in the second half of the year, which means a long array of tradeshows is now behind us. On the heels of the most recent events I’ve attended, Gartner Security and Risk Management...

On Survivorship Bias and Bulletproof Umbrellas

According to Gartner’s recent report: “Strategies for Dealing With Advanced Targeted Attacks”, we’re in the eye of a five years’ storm; a pwnado (or would you prefer malwarricane? vulncano?). However,...

Relax! Java is OK – and Easy to Secure

It’s become cool, particularly among those that sport Macs, to scoff at Java and pretend that it’s an anachronism that the world doesn’t need. Perhaps it’s a re-enactment by the Apple faithful of...

The Final Sandbox #fail?

At Black Hat USA 2013 the Bromium Labs team will demonstrate a second fundamental design flaw present in all Windows sandboxes (sometimes called “software virtual containers”). The flaw allows malware...

Introducing LAVA

When I say LAVA I mean the Live Attack Visualization & Analysis automated framework Gaurav and Simon mentioned in their recent vSentry announcement blogs. The intent of this blog is to introduce,...
