ContentCopyright © 2011 cloudbook: The Cloud Computing & SaaS Information Resource. All Rights Reserved.
 |
||||||||||
| login | | | About | | | Contact Us | ||||||
 |
Michael BermanCTO at Catbird Networks, Inc |
| Contributions |
| Blog Feed |
| Contributions |
| Podcast: Virtualization Security Testing |
|
|
September 24 2009 - Virtualization Security Roundtable
|
|
|
Virtualization Security Testing |
|
| Podcast: Virtualization Security Roundtable |
|
|
September 10 2009 - Virtualization Security Roundtable
|
|
|
Virtualization Security Roundtable |
|
| Podcast: Predictions for VMworld |
|
|
August 27 2009 - Virtualization Security Roundtable
|
|
|
Predictions for VMworld |
|
| Podcast: HyTrust Authentication/Authorization |
|
|
August 12 2009 - Virtualization Security Roundtable
|
|
|
HyTrust Authentication/Authorization |
|
| Podcast: VMsafe Virtual Firewalls |
|
|
July 30 2009 - Virtualization Security Roundtable
|
|
|
VMsafe Virtual Firewalls - Guest: Todd Ignasiak from Altor Networks |
|
| Podcast: Virtualization Security Roundtable: Cisco |
|
|
July 16 2009 - Virtualization Security Roundtable
|
|
|
Virtualization Security Roundtable - Guest: Paul Fazzone of the Cisco Nexus 1000v Team |
|
| Podcast: vWire - Auditing and Monitoring Security |
|
|
July 02 2009 - Virtualization Security Roundtable
|
|
|
vWire - Auditing and Monitoring Security - Guests: Karen Hepner & Steve Beaver from vWire, Scott Lowe of ePlus Technology & Chris Wolf of Burton Group |
|
| Podcast: Virtualization Security Open Round Table |
|
|
June 18 2009 - Virtualization Security Roundtable
|
|
|
Virtualization Security Open Round Table |
|
| Podcast: Virtualization Security Roundtable: Citrix |
|
|
June 04 2009 - Virtualization Security Roundtable
|
|
|
Virtualization Security Roundtable - Guest: Kurt Roemer of Citrix |
|
| Podcast: Standards, Hosting, and Top 3 Security Issues |
|
|
May 21 2009 - Virtualization Security Roundtable
|
|
|
Standards, Hosting, and Top 3 Security Issues - Guests: Mike Wronski, VP of Product Management, and Aaron Bawcom, VP of Engineering at Reflex Systems |
|
| Podcast: VMsafe and Live from Virtualization Congress |
|
|
May 07 2009 - Virtualization Security Roundtable
|
|
|
VMsafe and Live from Virtualization Congress - Guest: Bill McGee, Sr Director of Product Development at Trend Micro |
|
| Podcast: vSphere and Live from RSA Conference |
|
|
April 23 2009 - Virtualization Security Roundtable
|
|
|
vSphere and Live from RSA Conference |
|
| Video: RSA Conference: FEA-303: Virtualization Security (Registration Required) |
|
|
April 20 2009
|
|
|
This panel discussion and QA covers the state and possible future for virtualization security. Panel session with: Andreas Antonopoulos - Sr. Vice President, Nemertes Research Christofer Hoff - Chief Security Architect, Unisys Simon Crosby - CTO, Citrix Systems Stephen Herrod - CTO and VP of R&D, Vmware Michael Berman - CTO, Catbird |
|
| Presentation: Data Protection for Virtualized Servers |
|
|
April 17 2009
|
|
|
Webinar: Data Protection for Virtualized Servers |
|
| Podcast: Virtualization Security (Requires iTunes) |
|
|
April 09 2009
|
|
|
Virtualization Security (Requires iTunes) |
|
| Podcast: Virtualization and Cloud Security |
|
|
April 09 2009 - Virtualization Security Roundtable
|
|
|
Virtualization and Cloud Security - Guest: Hal Pomeranz, UNIX Systems Management and Security Professional |
|
| Podcast: Unified Fabric |
|
|
March 26 2009 - Virtualization Security Roundtable
|
|
|
Unified Fabric - Guest: Steve Phillips of Cisco |
|
| Presentation: Securing the Dynamic Data Center |
|
|
March 19 2009
|
|
|
Securing the Dynamic Data Center |
|
| Podcast: VDI Security |
|
|
March 12 2009 - Virtualization Security Roundtable
|
|
|
VDI Security |
|
| Podcast: Compliance & Privacy |
|
|
February 26 2009 - Virtualization Security Roundtable
|
|
|
Compliance & Privacy - Guest: Rod Randwall of VMware |
|
| Article: Virtualization Audit 101 |
|
|
February 19 2009
|
|
|
The top 5 risks and recommendations for protecting your virtual IT. |
|
| Podcast: Storage Security |
|
|
February 19 2009 - Virtualization Security Roundtable
|
|
|
Storage Security - Guest: Christopher Kusek, Technology Evangelist and Consultant at NetApp |
|
| Podcast: VaaS Security |
|
|
January 29 2009 - Virtualization Security Roundtable
|
|
|
VaaS Security - Guest: Gene Kim, Founder & CTO at Tripwire |
|
| Podcast: DMZ in a Virtual Environment |
|
|
January 15 2009 - Virtualization Security Roundtable
|
|
|
DMZ in a Virtual Environment |
|
| Article: The Future of Virtualization |
|
|
December 16 2008
|
|
|
The Future of Virtualization Predictions for the Virtualization Market in 2009 |
|
| Presentation: Security & Compliance in Virtual Infrastructures |
|
|
November 19 2008
|
|
|
Webinar: Security & Compliance in Virtual Infrastructures |
|
| Podcast: Phishing and Pharming Attacks and How to Protect Yourself |
|
|
October 10 2008
|
|
|
Dane Deutsch (CEO/DCS Netlink) and Michael Berman (CTO/Catbird) discuss Catbird Technologies and the Hacker Threats and Methods on the Internet globally today. Dane and Michael discuss the definition of what a Catbird (which is a real bird) is, and why Catbird can help warn and protect customers when they are doing business on the Internet. In addition, Michael explains the different types of lures coming from malware and Internet security threats today, including: phishing, spear phishing, and pharming. Phishing lures a potential customer to malicious websites, fraudulent website links through email spamming techniques. In addition, Catbird provides tools and monitoring services, such as the Catbird Pharming Shield, designed for websites which provide 24 hour per day/365 days per year web security protection. |
|
| Podcast: Drive by Downloads |
|
|
October 10 2008
|
|
|
Dane Deutsch (CEO/DCS Netlink) and Michael Berman (CTO/Catbird) discuss Catbird Technologies and the methods that hackers use to accomplish “Drive by Downloads.” Dane and Michael discuss the dangers of Drive by Downloads and how Catbird services protects websites so that they don’t become a victim. Catbird is not only a defensive weapon, but are really proactive as an offensive weapon as well. |
|
| Podcast: Vulnerability Monitoring 101 |
|
|
October 10 2008
|
|
|
Dane Deutsch (CEO/DCS Netlink) and Michael Berman (CTO/Catbird) discuss Catbird Technologies and the methods that Catbird services and products use to proactively monitor vulnerabilities on internal and external networks as well as websites. They discuss how vulnerability monitoring is a critical component of staying vigilant in the security arena. It is important to find the holes in our security before the “bad guys” do. These services run on a daily scheduled basis 365 days per year. Simple, secure and real-time vulnerability monitoring systems and services that allow a customer to stay ahead of the threats and risks in our networks and on the Internet today. |
|
| Grok Computer Security One hacker's odyssey to understand computer security |
 |
| February 04 2012 |
| There's been some commentary on the recent article, "China's Role in JSF's Spiraling Costs." ... read more >> |
| January 24 2012 |
| ... read more >> |
| January 19 2012 |
| I’ve been “upgrading” my home infrastructure:Seagate GoFlex Network StorageNetgear WNDR3800(other stuff)All my toys run linux, so imagine my surprise when this starts showing in my logs:[ ... read more >> |
| April 02 2011 |
| Custom and automated attacks against web sites continue as vendors and developers still have not gotten the hang of secure coding techniques.In one case, an automated attack has infected more than 600,000 sites in about two days.The ... read more >> |
| September 22 2010 |
| HyperSentry is a technology that uses IPMI to allow an out-of-band method for checking hypervisor integrity.IPMI is a backdoor to the system, so it is something that has to be managed carefully. When I did pen-testing I often found that it was not secured properly. That said, it is a ... read more >> |
| September 02 2010 |
| --Virginia Gov't Agencies Suffer Massive Outage(August 27 & 30, 2010)A storage area network (SAN) memory card failure at the VirginiaInformation Technologies Agency (VITA) left at least two dozen agencieswithout the ability to conduct business. Among the affected agenciesare the Department of Motor Vehicles, which was unable to issue driver'slicenses, and the Depar ... read more >> |
| August 28 2010 |
| Recently several companies have developed features or products to make web surfing more secure. One of these technologies uses reputation. Reputation is a measure of trust for a web site or web page. In this case trust is typically measured by how much SPAM, malicious traffic, or attacks a site is known to generate. It turns out that measuring these things is not that hard because a majority of web traffic flows through a relatively small num ... read more >> |
| August 24 2010 |
| So, I got this funny SPAM email, and I thought someone will take this seriously and alert FOX news to yet another massive government intrusion into our lives... ;-)By the way the SPAM came with a ZIP file that will probably p0wn your computer if you install it...------ Begin MessageFrom: Alfreda RobertsonDate: Tue, 24 Aug 2010 16:04:07 +0200To: ... read more >> |
| July 02 2010 |
| Looks like Sony has learned from Dell’s leaky capacitor debacle.Sony says ... read more >> |
| March 17 2010 |
| Full Disclosure: I am a long time Firefox userRecently, there have been serious security advisories for Chrome, Safari, and Internet Explorer:http://www.eweek.com/c/a/Security/IE-Attacks-Circulate-as-Microsoft-Updates-Advisory-766154/http://www.v3.co.uk/v3/news/2259391/apple-updates-safari-browser While a patch is now available for Safari (and perhaps Chrome), the community is still wai ... read more >> |
| March 16 2010 |
| Recently, in the press:March 12, The Register – (International) SSD tools crack passwords 100 timesfaster. Password-cracking tools optimised to work with SSDs have achieved speeds up to 100 times quicker than previously possible. After optimizing its r ... read more >> |
| February 25 2010 |
| Federal Trade Commission links wide data breach to file sharingThe Federal Trade Commission (FTC) said Monday that it has uncovered widespread data breaches at companies, schools and local governments whose employees are swapping music, software and movie files over the Internet.http://www.washingtonpost.com/wp-dyn/content/article/2010/02/22/AR2 ... read more >> |
| February 24 2010 |
| ... read more >> |
| January 22 2010 |
| Collected from US-CERT and other sources: Microsoft has released out-of-band Security Bulletin MS10-002(http://www.microsoft.com/technet/security/bulletin/MS10-002.mspx) to resolve seven privately reported vulnerabilities and one publicly disclosed vulnerability. This update includ ... read more >> |
| December 21 2009 |
| First published here on 12/14/2009:In Part A, I discussed the functional requirements for a virtual firewall. Now let's take a look at the technologies required to make this work.Traffic segmentationFirewalls segment traffic. That's obv ... read more >> |
| December 21 2009 |
| First posted here on 12/07/2009:The new cloud (or if you prefer hosted computing services, or IAAS) rests on top of virtualization. If we’re going to take the cloud seriously, it will have to be compliant. One of the more stringent compliance frameworks is PCI DSS. Let’s look at requirement one and start building a solution for the cloud. ... read more >> |
| August 13 2009 |
| Right out of a Tom Clancy novel, a 4,000 tonne cargo ship is missing. Reportedly, this ship had nothing worth hijacking. There are not a lot of facts about this available but there are some interesting bits:10 armed men boarded the ship about a week before it disappeared. They left 12 hours later.The ship spent two weeks in ... read more >> |
| April 23 2009 |
| I am recording a webcast live next Wednesday. It's free and only requires a short pre-registration.Data Protection for Virtualized Servers ... read more >> |
| April 10 2009 |
| From the Mercury News:John Britton, a spokesman for AT&T, said it appears somebody opened a manhole in South San Jose, climbed down eight to 10 feet and cut four or five fiber-optic cables. Britton also said there was a report of underground cables being cut in San Carlos.AT&T's contract with the Communication Workers of America expired at 11: ... read more >> |
| March 31 2009 |
| I am recording a webcast live today. It's free and only requires a short pre-registration.Securing the Dynamic Data Center ... read more >> |
| March 30 2009 |
| Well, here’s the Wikipedia entries that got me thinking: As a countermeasure, ICANN and several TLD registrars began in February 2009 a coordinated barring of transfers and registrations for these domains”Variant C contains code to sidestep these countermeasures by generating an expanded daily list of 50000 domains across 110 TLDs. This new pull mechanism, however, is disabled until April 1 ... read more >> |
| February 03 2009 |
| Summary:Level 1 credit card processor fails to prevent data loss effecting hundreds of millions of transactions. Attacker installed tools on Heartland server, inside the PCI trust path network Tools “sniffed” transactions and sent data to system(s) outside North America ... read more >> |
| December 12 2008 |
| Yesterday, the New York Times covered the recent arrest of Bernard L. Madoff.Madoff, a prominent Wall Street Hedge fund manager, has admitted to running a $50 Billion Ponzi scheme.While law enforcement has been quick to react, the revelation came when Mr. Madoff confessed to an associate. Whi ... read more >> |
| December 09 2008 |
| Very nice article on the hack against Check Free here.Current theories center on the likelihood that a Check Free employee got suckered by a phishing or straight-up social engineering attack.I'm going to hazard a guess that this was a spear-phish or more targeted form of attack. A q ... read more >> |
 |
|
|
|
|
|
|
|