Archive for the ‘Business’ category
Two Security Startups To Keep An Eye On
February 8, 2011
The security market has been heating up, with the acquisition of McAfee by Intel Corp for $7.68 billion and ArcSight by Hewlett-Packard for $1.5 billion. Now it's time to start looking for new startups. Two companies have caught my eye as they focus on two areas ripe for new ventures: security management and on-demand. identity [...]
Akshay’s Uncertainty Principle: Observing Some Metrics Changes Them
September 24, 2010
You’ve probably heard of the famous Heisenberg Uncertainty Principle in quantum physics. It states “The more precisely the position is determined, the less precisely the momentum is known in this instant, and vice versa.” –Heisenberg, uncertainty paper, 1927. This principle is related to the observer effect. In physics, the term observer effect refers to changes [...]
The McAfee Way: Don’t follow it!!
April 25, 2010
McAfee’s shoddy security updates have been well chronicled. If you haven’t been following this, let me summarize the situation for you. McAfee sent out a security update that led millions of uninfected machines to think they were infected, leading McAfee to commit hara-kiri on themselves. Clearly, this did not make any of [...]
The InfoSec X Prize: Fundamental Change Through Competition
January 22, 2009
Today I had a thought-provoking conversation with Dr. Peter Diamandis, Chairman and CEO of Zero Gravity Corporation & X Prize Foundation, on radical & fundamental change. Change that advances the status quo rather than relying on incremental change for gradual advance. Arguably the Ansari X Prize (and others in the hopper) have achieved some [...]
Business During Downturn: The Chain Of Trust
December 18, 2008
Business during economic downturns brings to the surface the tiny fractures that were unnoticeable during the good times. It is a fertile ground to relearn some of the lessons of the past & form wisdom for the future. I am going to try and capture some of the learning during this new series Business During [...]
Meter This: Practical Application Of Power Drain Attack
August 15, 2008
Last week while feeding my caffeine addiction I came across an article in the New York Times titled “Can’t Find a Parking Spot? Check Smartphone.” In order to reduce traffic congestion and fuel consumption, the city of San Francisco is implementing a new system that will help detect empty parking spots in downtown. Now clearly [...]
My BlueHat Talk: Suddenly Psychic
July 15, 2008
Just got word that my talk “Suddenly Psychic: Knowing everything about everyone” was accepted at Microsoft’s BlueHat Security Conference on October 16-17th. Sometimes when you go blue… you really go blue. Over the course of the next few months my buddy Nitesh Dhanjani and I will be presenting our research on how the business, psychological [...]
Application Security Development Lifecycle 5A: Is Threat Modeling Right For You?
June 14, 2008
Several enterprises are increasingly investing time and money in building application security tasks into their existing SDLCs. Some of them have also reached the conclusion that proactive approaches, like threat modeling, have more ROI than reactive approaches. As a result, some enterprises with nascent appsec programs have turned to threat modeling as a panacea [...]
Application Security Development Lifecycle 4: Finding the right security talent
June 1, 2008
After about an hour of nodding his head vigorously in agreement with some of our lessons learnt, my customer jumped up and exclaimed, “Great!! Now where do I find another 20 people like these?” (pointing to my team)… I thought about it a while and so Mr. B here is your answer: Information security [...]
Application Security Development Lifecycle 3: Funding Models
May 8, 2008
Now that you’ve decided (or battled) to set up an application security program you realize that it actually needs to get funded. You must master the art of delicately drinking from the fire hydrant of line of business applications. In my experience helping organizations set up their application security programs, funding was [...]
