Posts Tagged 'data protection'
Google Apps for Work advertises itself as “Business email, calendar, storage and more – An all-in-one suite to communicate, store and create.” Not surprisingly, in a brief phrase Google has captured the essence of a series of benefits of the cloud. Organizations are struggling with expertise, costs, security, privacy, and the contest between time and […]
Web security is serious business for this global manufacturer, a maker of a wide and diverse range of industrial and consumer products. To overcome their current IT hurdles, this manufacturer chose a solution that saved them over one million in IT costs, purely from reducing time spent tackling issues. In true David vs. Goliath fashion, […]
Working for a Level 1 trauma center and the busiest emergency room in New England, Boston Medical Center CISO Sumit Sehgal is acutely aware of the role information security plays in keeping critical systems, applications, and data safe so patients can leave the facility in better shape than they arrived. According to Sehgal, one of […]
After applying Microsoft’s June patch, we noticed some interesting changes that prevent a security bypass of Windows’ Control Flow Guard (CFG). The changes are in the Shader JIT compiler of the Windows Advanced Rasterization Platform (WARP) module (d3d10warp.dll). The Shader JIT compiler could formerly be used to create a CFG bypass. CFG is known to […]
When determining black-box or gray-box application security (penetration testing), an assessor mostly concentrates on the top 10 Open Web Application Security Project vulnerabilities and rarely worries about testing race-condition issues. The general consensus is that race-condition attacks are unreliable and cannot be identified using the black-box/gray-box approach. Consultants have typically relied upon source code review […]