Waverley Labs Blog
Software Defined Perimeter now features Google YubiKey
Innovative security solution to be demonstrated at DHS flagship cyber security event July 11 Software Defined Perimeters (SDPs) are emerging as a key component in a new security paradigm for protecting critical applications and infrastructure. The primary...
read moreVerizon “Black Cloud” Crashes the SDP Party
Software Defined Perimeters (SDPs) are in the news again and Waverley Labs could not be happier. Verizon Enterprise Solutions has launched its new Software-Defined Perimeter (SDP) service that enables enterprise customers to proactively identify and block cyberattacks...
read moreCDM Faces Uncertain Future – But Options Exist
Announced in early 2013, the $6 billion multi-phase DHS CDM program is focused on securing networks and systems across government. It covers some 169,000 tools and services, and it is managed by the Department of Homeland Security's National Protection and Programs...
read moreMongoDB is the tip of the iceberg. Consider new approaches for securing dynamic IT environments.
Over the last few weeks the industry has followed the surge in ransomware attacks against the publicly accessible MongoDB installations. Since January 3, the number of victims has climbed from about 200 databases to more than 40,000. In addition to MongoDB, those...
read moreMr. President … please Tweet this…
Fixing cyber security requires a paradigm shift A GCN article by Sean Carberry and Mark Rockwell titled What Trump Means for Government Tech? examined the presidents’ thoughts on improving cyber security. As someone who may have famously benefited from the...
read moreChange the paradigm – Authenticate first!!
Last week I wrote about how the Dyn attack exposed the IoT as a new area of opportunity for major DDoS attacks. In particular, Dyn illustrated how easy it is for misconfigured IoT devices to be compromised and cripple the DNS system. The only true solution requires us...
read moreIs the IoT the Ultimate Delivery Vehicle for DDoS Attacks?
The Dynamic Network Services (Dyn) DDoS attack is the first to widely exploit the Internet of Things (IoT) and puts an exclamation point on the need to fundamentally rethink how we secure IP-based services, applications and infrastructure. Dyn is a domain name system...
read moreISPs need to step up in the fight against DDoS
GCN recently published an article titled Why ISPs don’t throttle DDoS traffic citing the reason DDoS attacks like the one on Dyn are so effective is because ISPs are not able to identify and block malicious traffic before traffic overloads occur. It’s an interesting...
read moreSecurity and Compliance is a Two-way Street
As high profile security breaches increase, Chief Information Security Officers (CISOs) continue to come under attack as they are typically held responsible for ensuring their organizations' security and compliance with FISMA. A new GAO report released Sept. 15...
read moreULs Cyber Insurance Should Look to Digital Risk Management
UL’s cyber assurance program (CAP) was recently discussed at OWASP’s AppSecUSA Security Conference in Washington, D.C. Consumers rely on UL listings to certify the safety and reliability of products such as light bulbs, batteries and smoke detectors. UL conducts...
read more