Aerospike Wants To Rocket To The Top Of NoSQL

A new podcast for the new DevOps.com website hosted by Mitchell Ashley and Alan Shimel. This is the introduction episode with a review of the first articles on DevOps.com

In this episode I am once again joined by my co-host, Mitchell Ashley and our guest is Michael Sutton, VP of security research at Zscaler. The topic is APT: Advanced Persistent Threat, the security threat everyone loves to hate. Many people think that APT have been over-hyped by both the infosec media and APT vendors who have ridden the APT scare to fame and fortune (well to fortune anyway).  But APTs are real. Whether by spear phishing or water hole drive by downloads, targets are being infected with APT attacks, Once infected they are used to first infiltrate and then exfiltrate from high value networks. Some APTs are the work of nation-state entities for strategic goals, others are financial in motivation. But they are seldom random.  Michael tells what Zscaler is doing to combat APTs. Mitchell and I have our own views on this whole class of attack and it makes for a good listen.   Enjoy!

Sort of like Dean and Jerry getting back together Mitchell Ashley and I are podcasting together again! It was like old times with Mitchell as we settle into speak about what he has been up to over the last few years. We discuss the recent AWS re:Invent conference, the cloud, IT, DevOps, etc. We only take this out for a 20 minute spin so it is a quick listen. Hope you find it as interesting and fun as we did. We will be hosting another episode next week with a special guest as we discuss APT. Here are links to some of the stuff Mitchell and I discussed: Bblog post on CIO role: http://goo.gl/fzH5K The CIO Role - From Tech Manager to IT Services Broker AWS reference architectures. - cloud bursting - https://devcentral.f5.com/articles/aws-reinvent-2013-cloud-bursting-reference-architecture-feat-pearce - cloud migration - https://devcentral.f5.com/articles/aws-reinvent-2013-cloud-migration-reference-architecture-feat-pearce#.UoZvkGRgZIA

The University of Idaho was fined over 400k by the Departmenet of HHS recently for a breach that involved a clinic operated by the university turning their firewall off for 10 months. That seems pretty obvious to security folks, but goes to show that HIPAA fines are real. I am joined in this podcast by Steve Spearman of Health Security Solutions, Billy Austin of iScan Online and Tim Woods of Firemon as we talk about what you can do to keep your firewalls up, secure your endpoints, find ePHI and avoid being the next big HIPAA story. Enjoy!

HIPAA, HITECH and other regulatory compliance mandates have given many a health care professional headaches. It is hard enough practicing health care, dealing with complex insurance regulations and running a business. Making sure you comply with the latest patient confidentiality and security laws are frankly beyond many health care providers. Who are they going to call? That is where Steve Spearman and his company Health Security Solutions comes in. Steve's company have become the HIPAA experts for health care providers throughout the country. I had a chance to speak with Steve and find out how he makes these complex regulatory compliance issues doable for the doctors. Have a listen and you can learn too!

This episode of the Open Network is with Jason Brvenik, VP of Security Strategy at Sourcefire. Jason and I speak about the recent trend in security that acknowledges that successful attacks happen and we need to put resources into response, potentially at the expense of resources dedicated to prevention. Which is more important? Jason's expertise in security gives us great insight into this question as well as some great advice for what you need to do in putting your security strategy in place. Enjoy!

One of my favorite people in the security industry is my friend Wendy Nather, Director of Security Research for 451 Research. Wendy has a new report coming out on the "real cost of security". This is somewhat of a follow up to her earlier "security below the poverty line" report. Wendy likes to look at what type of security CISO's think they need and what it actually costs. It is always educational and fun to hear what Wendy has to say. Enjoy!

I am very pleased to report that once again the good folks over at Microsoft's Trustworthy Computing Group have agreed to sponsor the Security Bloggers Network.  The SBN has a long history of working with TWC and we are happy to work with them again. Microsoft is holding their second annual Security Development Conference in San Francisco, May 14-15, 2013. The conference will feature Scott Charney, Corporate VP Trustworthy Computing, Microsoft; Edna M Conway, Chief Security Strategist Global Supply Chain, Cisco Systems; Brad Arkin, Senior Director of Security Adobe Secure Software, Engineering Team (ASSET). Conference specialty tracks target three different types of professionals: Engineers, Project Management, and Leadership. Combining keynotes from thought leaders as well as specialized breakout sessions, this conference is a can’t-miss for security professionals at any level. You can register now! I had a chance to chat with director of TWC Tim Raines. We were going to talk about the conference, but Tim and I started talking about the TWC, the world of security and what the challenges on the horizon are. By the time we were done, we never got to the conference, LOL! Anyway, I think you will find the conversation very interesting. Enjoy and if you can go to the conference.

This third in a series of podcasts about RSA 2013 and the the Alert Logic partner pavilion is with Urvish Vashi, VP of marketing at Alert Logic. Urvish gives us the behind the scenes thinking on why Alert Logic thought it was important that they exhibit with some of their leading partners at RSA this year. He also tells us that it was not difficult to convince these partners that exhibiting at RSA was good for them. In fact it was somewhat of a no brainer for them. I know Urvish for many years and he is a sharp thinker who understands the market and the technology. This is a short conversation and well worth the time to listen in.

RSA Conference is where the world gathers around information security.  This year in addition to their own exhibit, Alert Logic is also hosting a partner pavilion where 5 of the leading hosting and cloud providers in the world will be exhibiting as well. I had a chance to speak with Chris Patterson, VP of Product Management at Navisite, one of the Alert Logic Partners exhibiting. Chris is one of the driving forces behind the Navi cloud.  He also has some great insight into the state of cloud security and what market drivers are influencing the direction of future innovation. Chris shares some great insight into Navisite's offerings including not just cloud, but security, managed desktop and the state of the market. It is a great conversation and worth the listen!