Training and Testing Environments, Keep it Real!

First, what are testing and training environments? A testing environment is a setup of the software and hardware (physical or virtual) on which the testing team is going to test the newly developed software or software updates. A training environment is often a “small” replica of the production environment, in which employees are being trained on new […]

Read More

The Lack of Database Encryption Efficiency

Each time people use the sequence of words: “Database Encryption” it provides them with some sort of false tranquility. A famous CISO of a large company said the following to me two months ago. “Ohhh, I use database encryption, I don’t see any added value in a database security solution”. Database encryption, all started: many many […]

Read More

The NSA is not alone – Governments can get to you anytime, anywhere!

For the past two decades, the Internet revolution has expanded everywhere, and it’s not done yet. The 1990’s  marked the exposure and availability to a single unified interconnected network where anyone can communicate in many different ways. While we were all mesmerized by the new possibilities for new technologies, most governments realized that this route of […]

Read More

The Human Vector: How Social Media Can Put your Company Risk

The Information Security Layers model tries to map and harden the possible affected exposed vectors of an organization. In the early days it was mostly about external threats, so we all placed firewalls, secure mail gateways, web filtering and intrusion prevention systems to cover any external connectivity such as the internet and intranet connections we had. […]

Read More

Hey hacker, publish my sensitive data. Please!

Isn’t it a shame that we have entered an era where we actually want hackers to publish our sensitive information just so we’ll know we’ve been breached? Many in the field of information security and data leakage prevention know that tons of the most sensitive information stolen from endless amounts of breaches is being dumped by hacker groups and […]

Read More
Uber Data Breach

Another one bites the dust.. and this time Uber!

Uber, which provides a smartphone-based transportation and ride sharing service, says it was the victim of a database breach that compromised personal information of about 50,000 of its U.S. users. “On September 17, 2014, we discovered that one of our databases could potentially have been accessed by a third party,” Katherine Tassi, Uber’s managing counsel […]

Read More