Contact Us

Author: Guadalupe Boll

  • Poll: Security Product Selection Criteria

    Poll: Security Product Selection Criteria

    A recent industry poll regarding security product procurement reveals a stark divergence in buyer psychology: 75% of respondents cite vendor reputation and market recognition as their primary deciding factor, while only 25% prioritize product quality. Price and purchasing friction received almost no votes. Deciding Factor Percentage of Respondents Core Buyer Motivation Vendor Reputation or Recognition…

  • How to Secure Your Data – Part 1

    How to Secure Your Data – Part 1

    The cybersecurity industry is built on a collective of lies. Every year, enterprise security teams pour millions into next-generation firewalls, zero-trust network access, and edge protection vendors who promise to turn their infrastructure into an unbreachable fortress. Every year, there’s a new promise of the next revelation. And every year, those same enterprises end up…

  • Vendor Preference Poll: The Ideal Vendor

    Vendor Preference Poll: The Ideal Vendor

    We recently polled a group of cybersecurity and IT leaders about their ideal type of vendor for high-end security solutions. The results were overwhelming: On paper, this makes perfect sense. Security leaders are smart and know that smaller, specialized vendors are agile, stay ahead of the technology curve, and offer deep, expert support. They also…

  • A Database is Not a Network: The Fallacy of Packet Inspection

    A Database is Not a Network: The Fallacy of Packet Inspection

    The security industry has a habit of trying to fit square pegs into round holes. One of the most persistent examples is the attempt to secure databases using network-centric technology. They are called “Database Firewalls” or “Database Activity Monitoring (DAM)” systems based on packet inspection, but these labels hide a fundamental misunderstanding: a database is…

  • Why your Java Application Security is Failing

    Why your Java Application Security is Failing

    The Java ecosystem looks like a fortress, and security is one of its claims to fame. Between Java’s spec+ifications, robust frameworks like Spring, and an endless sea of third-party libraries, you are building on top a Mountain of Security. Yet, data breaches are not an anomaly but a regular occurrence. From small startups to global…

  • Reactive Forensics and Auditing: Follow Sherlock Holmes

    Reactive Forensics and Auditing: Follow Sherlock Holmes

    A reactive forensic investigation is the IT equivalent of a detective analyzing a crime scene. Just as Sherlock Holmes reconstructed the events of a crime through clues, traces, and deductive methods, reactive forensics seeks to answer essential questions like who did it, when, how, etc.? Basically – what happened? Evidence Collection Holmes analyzes every detail…

  • What is the Difference Between Auditing and Monitoring?

    What is the Difference Between Auditing and Monitoring?

    When people hear auditing and monitoring, they can easily assume they refer to the same thing. After all, both involve keeping an eye on IT systems, right? While both terms have multiple meanings, without qualifiers, they relate to functions that serve different purposes and leverage unrelated tools and technologies. Understanding these differences is fundamental to…

  • Budgeting for a Secured Future

    Budgeting for a Secured Future

    Cybersecurity Underinvestment Data breaches are at an all-time high. Different studies show different figures about which countries are most under attack, but it’s pretty obvious that nowhere is safe. It seems as though the whole world is under attack and there are many successful data breaches. At the same time, investment in cybersecurity is insufficient…

  • From a hacker’s perspective

    From a hacker’s perspective

    Attack Detail & Analysis Below we’ll explain the types of attacks used in the comics, provide statistics about their prevalence, and discuss possible defensive measures. This attack and successful breach required a combination of several steps. That’s how all breaches are. While it may not be possible to stop them all the steps, you should…

  • Email Security: Effectiveness & Risks

    Email Security: Effectiveness & Risks

    What Happened? Hackers found an exploit in organizations that use Office 365 and Proofpoint. The exploit allowed the hackers to send authenticated emails with digital signatures identical to emails sent by those organizations. The list of exploited organizations includes Disney, Coca-Cola, IBM, Nike, Best Buy, and many others. Using this exploit, hackers sent over at…