Cloud Zone is brought to you in partnership with:

Brian is Sr.Director of Cloud Solutions at EMC, as well as founder of Cloudcast Media. He is a VMware vExpert, holds CCIE #3077, and an MBA from Wake Forest. Brian's industry viewpoints and writings can also be found on twitter (@bgracely), on his blog "Clouds of Change" (http://cloudsofchange.com) and he co-hosts the award-winning weekly podcast "The Cloudcast (.NET)" (http://thecloudcast.net) with Aaron Delp (@aarondelp). Brian is a DZone MVB and is not an employee of DZone and has posted 207 posts at DZone. You can read more from them at their website. View Full User Profile

Threat Protection vs. Threat Detection

02.26.2013
| 3266 views |
  • submit to reddit

The Cloudcast (.net) #75 - Threat Protection vs. Threat Dectection (28:58)

Date: February 24, 2013

By: Aaron Delp and Brian Gracely

Description: Aaron and Brian Katz (@bmkatz) talk with Simon Crosby (@simoncrosby, Founder/CTO at Bromium) about the landscape of security threats on the Internet, recent high-profile hackings, and an update on how Bromium vSentry is setting the new benchmark for security lab results and protection.


Topic 1 - Tal Klein (@VirtualTal put up a great post this week about NBC.com getting hacked.  Tell us a little about that day and your analysis of that attack in real time. (Key take away, Bromium used their production, corporate laptops, not an isolated lab environment). Tal’s comment: Browsing the web without fear of compromise. Link: http://blogs.bromium.com/2013/02/21/so-nbc-com-got-hacked-so-what/

Topic 2 - The bigger story of the week is your NSS labs testing results.  You also did a post on that and you did very well.  You mention the bar has been raised in the threat protection (instead of detection) industry. Who is NSS Labs and why is this so important. Link: http://blogs.bromium.com/2013/02/20/cyber-rattling-is-a-convenient-excuse-for-security-vendor-failures/

Follow Up: Has anyone ever scored 100% before?

NSS Labs testing verified that Bromium vSentry managed to defeat and automatically remediate all attacks, including 166 embedded exploits delivered via email to Microsoft Outlook®, 153 drive-by attacks delivered via HTTP and HTTPS, and 15 advanced attacks using the Metasploit penetration testing toolset that incorporated advanced obfuscation and evasion techniques in an attempt to bypass protection.”

 

Published at DZone with permission of Brian Gracely, author and DZone MVB. (source)

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)