Our thoughts, industry views and technology trends

Featured

Contributor:
John E Dunn
August 6th, 2015

Windows 10 whitelisting will not be for everyone

Windows 10′s security overhaul offers a lot but beware its complexities and limitations

With the arrival of Windows 10 in late July, businesses must once again pose many of the same questions that presented themselves at the time of the launch of Windows 8 in 2012, Windows 7 in 2009 and, for those with long enough memories, Windows XP in 2001.

 

Continue Reading

Surviving WS2003 end-of-life

The biggest security threat of 2015?

Microsoft’s support programme for Windows Server 2003 (WS2003) is currently in the extended support phase, which is scheduled to cease on 14 July 2015. After that date, if a new security vulnerability is discovered, there is no commitment that a fix will be produced and released by Microsoft, nor will it address non-security defects or assist customers that encounter problems.

Continue Reading


File less fears

Last week I was talking to a customer about whitelisting policies. Having rolled out least privilege, application control and sandboxing to their estate they had gone from hundreds of security incidents per week to virtually none. This has caused the security team to become more proactive by shifting from constant firefighting and reacting to incidents to thinking strategically and planning ahead.

Continue Reading


Is InfoSec languishing in the dark ages?

Last week saw the start of RSA 2015, the annual gathering of security professionals and vendors from across the world in San Francisco. In the opening session, Amit Yoran, president of RSA, declared that InfoSec needed to escape the dark ages.

Continue Reading


The Mitigation Game

Last year, Avecto released its first Microsoft Vulnerabilities Report celebrating 10 years of “Patch Tuesdays” with analysis of the vulnerabilities from 2013. Following on from the success of the original report Avecto have crunched the numbers to analyze the 2014 Microsoft vulnerabilities, revealing how the removal of admin rights is more important than ever.

Continue Reading


Take control of admin rights to secure your business

If we take just a handful of the high-profile security breaches over the past few years, where cyber criminals obtained administrator rights as a way into the corporate network, the approximate total number of customers affected reaches almost 300 million, a figure just shy of the total population of the United States! There’s no doubt that the figures are eye-opening, but what is more alarming is the fact that many organizations are still resisting fundamental security best practise – the need to remove admin rights across their estate.

Continue Reading