Waverley Labs Blog
Mr. President, please don’t confuse IT activity with cyber security
Last month, Rob Joyce, President Trump’s Special Assistant, and Cyber Security Coordinator for the White House, discussed the administration’s cyber security priorities. Joyce is tasked with carrying out the initiatives highlighted in President Trump’s recently signed...
TIC Tock … TIC Tock … Today’s security architecture is on the clock
Acting CIO Margie Graves recently addressed increasing challenges associated with Trusted Internet Connections (TICs) that are at the center of agency email and web browsing services employing secure centralized gateways and have been growing in seriousness for the...
Software Defined Perimeter now integrates Yubico YubiKey with Google Account Logins
Innovative security solution to be demonstrated at DHS flagship cyber security event July 11 Software Defined Perimeters (SDPs) are emerging as a key component in a new security paradigm for protecting critical applications and infrastructure. The primary...
Verizon “Black Cloud” Crashes the SDP Party
Software Defined Perimeters (SDPs) are in the news again and Waverley Labs could not be happier. Verizon Enterprise Solutions has launched its new Software-Defined Perimeter (SDP) service that enables enterprise customers to proactively identify and block cyberattacks...
CDM Faces Uncertain Future – But Options Exist
Announced in early 2013, the $6 billion multi-phase DHS CDM program is focused on securing networks and systems across government. It covers some 169,000 tools and services, and it is managed by the Department of Homeland Security's National Protection and Programs...
MongoDB is the tip of the iceberg. Consider new approaches for securing dynamic IT environments.
Over the last few weeks the industry has followed the surge in ransomware attacks against the publicly accessible MongoDB installations. Since January 3, the number of victims has climbed from about 200 databases to more than 40,000. In addition to MongoDB, those...
Mr. President … please Tweet this…
Fixing cyber security requires a paradigm shift A GCN article by Sean Carberry and Mark Rockwell titled What Trump Means for Government Tech? examined the presidents’ thoughts on improving cyber security. As someone who may have famously benefited from the...
Change the paradigm – Authenticate first!!
Last week I wrote about how the Dyn attack exposed the IoT as a new area of opportunity for major DDoS attacks. In particular, Dyn illustrated how easy it is for misconfigured IoT devices to be compromised and cripple the DNS system. The only true solution requires us...
Is the IoT the Ultimate Delivery Vehicle for DDoS Attacks?
The Dynamic Network Services (Dyn) DDoS attack is the first to widely exploit the Internet of Things (IoT) and puts an exclamation point on the need to fundamentally rethink how we secure IP-based services, applications and infrastructure. Dyn is a domain name system...
ISPs need to step up in the fight against DDoS
GCN recently published an article titled Why ISPs don’t throttle DDoS traffic citing the reason DDoS attacks like the one on Dyn are so effective is because ISPs are not able to identify and block malicious traffic before traffic overloads occur. It’s an interesting...