Comments on: New year’s resolutions & predictions http://www.slaviks-blog.com/2009/12/23/new-year%e2%80%99s-resolutions-and-predictions/ Slavik's Blog Wed, 14 Dec 2011 10:35:06 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: carlossaid http://www.slaviks-blog.com/2009/12/23/new-year%e2%80%99s-resolutions-and-predictions/comment-page-1/#comment-4095 carlossaid Fri, 08 Jan 2010 19:50:48 +0000 http://www.slaviks-blog.com/?p=202#comment-4095 Another topic that I think will growth (in terms of the number of vulnerabilities) will be related to 'virtualization'. I´m not sure, yet, about how this will impact environments with DBs running on virtual environments. If you read the theory, seems that 'all will run smoothly' on virtual mode. Just a number of machines over a minumx boxes. But I'm not sure. I would like to see numbers related to really productive sites, and critical data and companies, running virtualized, AND the number of attacks and vulnerabilities. I know that this is just my opinion, and opinion without numbers are nothing. But.... Thanks Another topic that I think will growth (in terms of the number of vulnerabilities) will be related to ‘virtualization’.
I´m not sure, yet, about how this will impact environments with DBs running on virtual environments.
If you read the theory, seems that ‘all will run smoothly’ on virtual mode. Just a number of machines over a minumx boxes.
But I’m not sure. I would like to see numbers related to really productive sites, and critical data and companies, running virtualized, AND the number of attacks and vulnerabilities.
I know that this is just my opinion, and opinion without numbers are nothing.
But….

Thanks

]]> By: carlossaid http://www.slaviks-blog.com/2009/12/23/new-year%e2%80%99s-resolutions-and-predictions/comment-page-1/#comment-4094 carlossaid Fri, 08 Jan 2010 19:42:49 +0000 http://www.slaviks-blog.com/?p=202#comment-4094 I will give my view about the first point: 'hackers having better tools'. I think that we must introduce in the reasoning that there are new tools and startup emerging that try to cover the pen test and sw testing procedure (black, white, grey box). This tools may have prices that goes from very expensive to 'feasible'. So: I agree that hackers are going to have better tools, but companies have access to better protection tools. Will need to see in the next months, if the number of sites really hacked are the ones that decide to introduce new tools, or just the ones that stay 'quiet' / keeping the current status-quo. Thank I will give my view about the first point: ‘hackers having better tools’.
I think that we must introduce in the reasoning that there are new tools and startup emerging that try to cover the pen test and sw testing procedure (black, white, grey box). This tools may have prices that goes from very expensive to ‘feasible’.
So: I agree that hackers are going to have better tools, but companies have access to better protection tools. Will need to see in the next months, if the number of sites really hacked are the ones that decide to introduce new tools, or just the ones that stay ‘quiet’ / keeping the current status-quo.
Thank

]]> By: Slavik http://www.slaviks-blog.com/2009/12/23/new-year%e2%80%99s-resolutions-and-predictions/comment-page-1/#comment-4084 Slavik Mon, 28 Dec 2009 18:15:37 +0000 http://www.slaviks-blog.com/?p=202#comment-4084 Hi Adrian, thanks for the comment. I've seen the rare occasion where the compliance efforts kicked a well thought out and broad security project going well above and beyond the requirements but indeed the norm is doing only the "bear minimum". Regarding Hedgehog and MySQL - Hedgehog will fully support MySQL in 2010. Hi Adrian, thanks for the comment.
I’ve seen the rare occasion where the compliance efforts kicked a well thought out and broad security project going well above and beyond the requirements but indeed the norm is doing only the “bear minimum”.
Regarding Hedgehog and MySQL – Hedgehog will fully support MySQL in 2010.

]]> By: Adrian Lane http://www.slaviks-blog.com/2009/12/23/new-year%e2%80%99s-resolutions-and-predictions/comment-page-1/#comment-4082 Adrian Lane Sun, 27 Dec 2009 01:56:51 +0000 http://www.slaviks-blog.com/?p=202#comment-4082 Compliance is meant to kick laggards into action and raise their performance to a minimum acceptable level. Of course it will remain a "bare minimum". Regulatory requirements are aimed at those who likely would do nothing without the threat of fines. == Totally agree that databases in the cloud will be a trend. Not to tweak the Hedgehog's tail ... but does this mean Hedgehog will support MySQL? I did not see that listed on the web site. Compliance is meant to kick laggards into action and raise their performance to a minimum acceptable level. Of course it will remain a “bare minimum”. Regulatory requirements are aimed at those who likely would do nothing without the threat of fines.
==
Totally agree that databases in the cloud will be a trend. Not to tweak the Hedgehog’s tail … but does this mean Hedgehog will support MySQL? I did not see that listed on the web site.

]]>