Buffer overflow is what happens when a program or process attempts to write too much data to the buffer, a segment of computer memory reserved for temporary data storage. Continued…
Quote of the Day
“We are still seeing a lot of the same techniques to hack applications as we have previously seen. For example, buffer overflows, along with poor coding still remain two of the biggest application security issues.” — David Smith
How do buffer overflow attacks work?
Home-grown apps are susceptible to buffer overflows, as are Windows and Linux apps. Part one of this two-part series shows how hackers can take control of your programs.
How can attackers exploit a buffer underflow vulnerability?
A vulnerability was recently discovered in the strong Swan open source VPN, and it caused a buffer underflow. Learn how attackers were able to exploit this vulnerability.
Spectre variant gives buffer overflow a new twist
New variants of the Spectre microprocessor bugs use buffer overflow-style attacks to run malicious code.
The unlikelihood of ‘IoT, secure by design,’ and what we can do about it
The ‘secure by design’ concept is a great idea in theory, but without automatic updates, IoT security will always be an issue. Minim’s Alec Rooney discusses.
Understanding the exploit market: How data breaches happen
Quickly upgrading software with the latest patches is essential when you understand how data breaches happen and how the exploit market can work against you when you have network and system vulnerabilities.
What type of security attack vector exploits the tendancy of people’s desire to be helpful?
Stress testing is the process of determining the ability of a computer, network, program or device to maintain a certain level of effectiveness under unfavorable conditions. Continued…
Quote of the Day
“Stress testing helps determine an application infrastructure’s breaking point and assists in exposing traffic bottlenecks.” – Amy Reichert
Windows troubleshooting tools to improve VM performance
Despite all the technological advancements in the data center over the last several years, administrators still need to roll up their sleeves and look under the hood of VMs with help from these Windows troubleshooting tools to keep workloads running smoothly.
Cloud application performance hinges on a solid testing plan
With the underlying hardware out of their reach, dev teams face a challenge when it comes to ensuring cloud application performance. Learn how quality control testing and related tools can help.
Learn the value of exploratory testing vs. scripted testing
In this episode of the Test and Release podcast, we dive into exploratory testing vs. scripted testing with Matt Heusser of Excelon Development. While each approach can be effective, these software testing methods can also supplement each other.
Five critical tests for cloud application performance, security
To ensure optimal cloud application performance and security, development teams must conduct regular tests around load, latency, user experience and more.
Which software testing tool best fits your project?
Expert Tom Nolle dug deep into two AI strategies and explained which software testing tool is best for your project and organization. Applitools focuses on new technology, while Functionize uses a more traditional style.
Ethical hacking is also known as penetration testing, intrusion _________________.
a. testing, and red teaming
b. testing and red teaming
Google Transfer Appliance is a high-capacity storage server that enables enterprises to transport large volumes of data to Google Cloud Storage. Continued…
Quote of the Day
“Organizations really aren’t all that fired up about migrating core back-end apps to the cloud. It’s the time and expense involved that stops them.” – Melanie Posey
Resistance to all-in cloud ERP systems is large
The big vendors would like customers to become users of cloud ERP systems. The reality is that on premises-to-cloud migrations are difficult, and some companies don’t want core data in the cloud. Hybrid may be the path of many.
Google cloud features evolve to turn up the heat on AWS
Google cloud features evolved significantly in 2017, with new services, such as its sneakernet service and managed instance groups, in an attempt to chase market leader AWS.
Google cloud data transfer appliance eases move to public cloud
Google has added a physical storage device akin to AWS Snowball to speed cloud data transfer from enterprise data centers to Google’s public cloud.
Google Cloud Platform services engage corporate IT
Google Cloud Platform services expanded in scope this year, but the company’s moves to address enterprise IT will make the biggest difference in 2018.
Three questions to ask before you migrate apps to public cloud
Before you migrate apps from on premises to public cloud, answer these three questions about requirements, migration approaches and popular tools.
Cloud computing can help a small business launch ________.
b. more quickly
Personal cloud storage (PCS) is a local network-attached storage (NAS) device that lets users store data, photos, music, videos and other files and is optimized for media streaming. Continued…
Quote of the Day
“Employees who copy files into their personal cloud-based file storage services and then access them later for work can unintentionally introduce security breaches.” – Diana Hwang
How does a WDC vulnerability put hardcoded passwords at risk?
Several serious vulnerabilities and a hardcoded backdoor were found in Western Digital’s My Cloud NAS devices and put hardcoded passwords at risk. Nick Lewis explains how this backdoor works and what organizations can do to mitigate it.
Wasabi Technologies eliminates cloud storage egress fees
Startup Wasabi Technologies shifts to a simplified pricing model, with no egress charges. What will it take for the big public cloud providers to follow suit?
How to meet HIPAA compliance requirements with personal cloud storage
As the adoption of personal cloud storage continues to rise, health IT must be discerning in choosing services that meet HIPAA compliance requirements.
Igneous Systems rocks unstructured data protection for NAS
Unstructured data protection provider Igneous Systems adds support for Dell EMC Isilon OneFS, Qumulo File Fabric and Pure Storage FlashBlade. Igneous targets large enterprises and data-centric organizations.
Google dives into elusive cloud file storage market
Storage has become synonymous with the cloud, but Google’s Filestore cloud file storage service highlights one of the major shortcomings across the major public clouds.
Instead of choosing _______ Dropbox, Google Drive and iCloud, people often use more than one cloud storage service.
NVMe (non-volatile memory express) is a host controller interface and storage protocol created to accelerate the transfer of data between enterprise and client systems and solid-state drives (SSDs) over a computer’s high-speed Peripheral Component Interconnect Express (PCIe) bus. Continued…
Quote of the Day
“NVMe over FC, also known as FC-NVMe, represents a critical next step in defining the future of the data center.” – Scott Sinclair
NVMe over FC is happening, and it’s time to prepare
It will be interesting to see how much NVMe over FC, part of the NVMe-over-Fabrics specification, lowers performance latencies in Fibre Channel SANs.
Broadcom preps for NVMe over Fibre Channel with Brocade gear
Broadcom ships Brocade 128-port, 32-gig FC switch and director blade, updates SAN management software to ease the way to NVMe over Fibre Channel while waiting for array support.
How NVMe technology and NVMe over Fabrics will change storage
NVMe technology is beginning to make significant inroads in the data center. The next step for many organizations is for NVMe over Fabrics to establish itself as a predominant networking protocol.
Cisco MDS FC Director switches expand with eye on NVMe
The 1U Cisco MDS 9148 comes with 24 ports for entry-level SANs Customers can light up to 48 ports in eight-port increments. The MDS 9396T switch has 48 ports and scales in 16-port increments, up to 96 ports. Cisco adds an automated SAN zone to ease transition to 32 Gbps FC.
NVMe SSD speeds explained
Ever wondered about the nitty-gritty details of NVMe SSD speeds and architectures? This in-depth explanation has you covered.
Servers equipped with flash storage are increasingly common and can _________ reduce latency.
Over-the-top (OTT) is networking lingo that describes the delivery of content, services or applications over the internet. Continued…
Quote of the Day
“OTT has changed the way we consume media and substantiated the business case for a new service provided at an attractive price that resonates with the end user.” – Jerome Rota
What’s the difference between pay TV, over-the-top (OTT) TV and over-the-air (OTA) TV?
Over-the-top (OTT) and pay TV are two business models that allow consumers to subscribe to television content. Learn how the different services allow customers to choose a viewing experience based on their preferences.
Midyear 2018 telecom trends: Operators broaden their focus
Checking in on midyear 2018 telecom trends: Service providers are battling declining profit per bit by investing in content and online advertising companies, rethinking their 5G wireless strategies and examining the best way to approach network automation.
OTT and IoT evolution: Consumer choice fuels innovation
There’s a multiparty face-off regarding the future of OTT and the TV ecosystem. It’s clear that the consumer is going to win regardless of who triumphs.
Over-the-top providers make your dumb pipe smart
Would you consider buying phone numbers wholesale from over-the-top providers? This interview examines the advantages of bringing OTT to your telecom services.
Look to over-the-top services to secure mobile, says specialist
Mobile network operators should look to 3G and 4G while enterprises should consider OTT services to provide the best security, says telecommunications industry veteran and pioneer Charles Brookson.
In many places that _______ have broadband internet, enjoying quality OTT content can be difficult because the bandwidth is simply not there.
LARP (Live Action Role Playing), also called LARPing, is a character-driven type of gameplay that is conducted in the physical world. Continued…
Quote of the Day
“There has been a drive from developers toward creating general applications that are more social; many mobile games have become more and more focused on communities.” – Ritesh Mehta
IoT gives the mobile gaming industry a facelift
The mobile gaming industry is getting a makeover thanks to the internet of things. Tatvasoft’s Ritesh Mehta explains how IoT and gaming go hand in hand.
AR/VR is changing the way enterprises do business – ready to jump in?
Augmented reality and virtual reality technologies aren’t just for gamers anymore. Harman’s Andrew Till explains how AR/VR is changing the enterprise as we know it.
Time for developers to get real about augmented reality technology
Augmented reality technology blends virtual reality with real-world images to create immersive user experiences. Developers need to get ready — really.
HR plays to win with gamification for learning
Gamification for learning can help boost engagement and contribute to employee experience. Here’s a look at how some companies are using the concept.
Uses for augmented reality and virtual reality come into focus
The various uses for augmented reality, mixed reality and virtual reality technologies promise to reshape the IoT market by turning data into action.
Augmented reality seems futuristic but ____ potential has already begun to be realized.
Hyper-converged software is a type of virtualization platform that turns a commodity server into a hyper-converged appliance that includes compute, storage and server virtualization in one box. Continued…
Quote of the Day
“Hyper-converged infrastructure software offers many of the same advantages of traditional hyper-converged systems, while greatly loosening the restrictions on hardware.” – Brien Posey
Hyper-converged software: Eight things you need to know
Using hyper-converged software as the basis of a DIY HCI platform can bring great benefits to the right kind of IT operation. But before choosing to go down the self-built HCI path, you need to consider costs, support, and development and implementation times.
Hyper-converged infrastructure software aids IT flexibility
If you are worried about having to scale all components in your organization’s HCI platform at the same time, hyper-converged infrastructure software might be the solution. Installing software on existing hardware can mean you can scale storage independent of compute.
Hypervisor software and your hyper-converged infrastructure
The hypervisor software in your organization’s HCI system may not get as much attention as storage or compute, but it is just as important.
Seven hyper-converged software options for DIY HCI
Which hyper-converged software options are available to shops that already have hardware in place? Offerings from Atlantis, Maxta and VMware top the list.
HCI software platforms come with challenges, benefits
Fears of vendor lock-in prompt IT to evaluate HCI software-only options to offer greater flexibility, despite possible hardware compatibility concerns.
_________ of the cost, we should seriously think about moving to a converged infrastructure.
An EV SSL certificate (Extended Validation SSL certificate) is an enhanced computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet. Continued…
Quote of the Day
“EV SSL certificates enhance credibility by showing discerning consumers that a prospective transaction is with a legitimate recipient and that the site is serious about protecting the data of its customers.” – Michael Fowler
Running a private certificate authority: What are the risks?
Running a private certificate authority can be a challenge. Here’s how your security team can handle the situation and meet baseline requirements.
How to address key SSL security issues and vulnerabilities
SSL security issues are growing, from vulnerabilities in outdated versions to questionable certificates. Find out how to address these problems.
23,000 Symantec certificates revoked following leak of private keys
DigiCert had more than 20,000 Symantec certificates revoked after reseller partner Trustico exposed the certificates’ private keys.
How to buy digital certificates for your enterprise
If you’re in the market to buy digital certificates, read this guide to learn what features are essential and how to evaluate the available options.
What risks do untrusted certificates pose to enterprises?
Untrusted certificates are still in use across major websites, even after Google and Mozilla announced plans to stop trusting them. Here’s a look at some possible security risks of continuing to use these digital certificates.
Ideally, digital certificates are ________ compatible with older browsers and operating systems, a concept known as ubiquity.
A multi-cloud strategy is the use of two or more cloud computing services. Continued…
Quote of the Day
“Regardless of how many or which clouds you use in your multi-cloud strategy, one thing remains the same: It’s all about protecting and managing data wherever it resides.” – Dave Raffo
Who needs a multi-cloud environment and how best to deploy one
A multi-cloud environment isn’t right for every business. But for those that need service reliability, data privacy and flexibility in the cloud services they use and cost-effective services, a multi-cloud approach might be the answer.
The best multi-cloud strategy is to just ignore the hype
A multi-cloud strategy is only useful if you have a clear understanding of what it means and the technical constraints to operate multiple IaaS clouds.
A multi-cloud strategy provides more options and headaches
Multi-cloud strategy has taken over the cloud conversation. It’s no longer a matter of how to use the cloud, but rather how to play to the strengths of the various cloud service providers.
Don’t let Kubernetes services stall a multi-cloud strategy
While managed Kubernetes services from AWS, Google and Microsoft have their perks, they aren’t necessarily conducive to portability in a multi-cloud strategy. Certain third-party tools and deployment tips, however, offer a workaround.
Four situations where a multi-cloud strategy makes sense
A multi-cloud strategy is best for businesses needing to protect against data loss and ensure business continuity. It’s also a good way to protect privacy, provide flexibility and optimize the whole cloud experience.
Brokers must work closely with cloud providers, while also _________ their services to appeal to customers.