Tag: Stuxnet

Premature vulnerability disclosures and the collateral damage done

This week I’m in Berlin, Germany for Virus Bulletin, the premier technical conference for the anti-malware industry. I have the honor of appearing twice on the conference agenda this year. The first event is a joint presentation with Microsoft regarding the ethics of public vulnerability disclosure. The second appearance is on a panel about collateral damage in cyber conflict. READ MORE

Digital Rights Crackdown, IT Consumerization, and Other Predictions for 2011

It's that time of year again. Bloggers, CTOs, analysts, and other industry thought leaders everywhere are being asked what they think will be hot in the new year. I've received no less than four requests of this type since December 1st so I figured it's time to sum up my thoughts on the subject in a year-end-predictions post. Should be fun to circle around next December to see how well we faired. Given the fact that the flow analysis industry encompasses both network and security monitoring we'll discuss both topics separately (even though they are intertwined in many ways).  … READ MORE

Utilities: You Should Be Using NetFlow to Monitor Your SCADA Environment

When our new CEO Mike Potts came on board almost a year ago one of the first technology trends he asked me about was the applicability of Lancope's flow analysis technology in the utilities sector. He wanted to know how we fit into environments that have NERC requirements. The inevitable conversion of traditional analog power grid tech to an IP-based SmartGrid makes the utilities sector an obvious target for a company like Lancope. IP-based SCADA networks are extremely easy to baseline and ideally suited for flow-based anomaly detection. So I spent a few weeks catching up on NERC-CIP and talking… READ MORE