Imperva Blog|Login|中文Deutsch日本語

Podcasts

Launch iTunes & Subscribe  Imperva on iTunes Hide Descriptions
Selected Tag: Customer | Show All
Securing Mission-Critical Web Applications -- An interview with Catho Online CTO - Marcelo Roberto Riberio

Securing Mission-Critical Web Applications -- An interview with Catho Online CTO - Marcelo Roberto Riberio


Marcelo, CTO of Catho Online in Brazil, discusses the importance of Web application security for one of the largest job-search websites in South America.

Catho Online is the largest job-search website in South America, and one of the top 15 in the world. It is the market leader in its segment. With the slogan "your success is our business", the company's main objective is to facilitate hiring processes, as a liaison those looking for new challenges with hiring companies.

Marcelo Roberto Ribeiro has been the CTO at Catho Online since 2007. His goal is to turn Catho's network and security infrastructure into a high-availability, cutting-edge technology environment, meant to work like the major internet providers, focused on availability, performance, integrity, security and professionalism.

Marcelo has over 25 years of experience in Information Technology, majored in Information Technology and Business Administration, and has experience working in different industries: Internet Service Provider, Telecom Operator, Pulp and Paper, Oil, and others.

To download a Portuguese version of the transcript, click here.

Tags: Marcelo Roberto Ribeiro, WAF, Application Security, Catho Online, Customer

Play Podcast Podcast Transcript (PDF)
Data Security at a Non-Profit Radio Station -- An interview with Juan Walker

Data Security at a Non-Profit Radio Station -- An interview with Juan Walker


On this episode of the Imperva Security Podcast Juan Walker -- Database and Data Security Advisor with the Educational Media Foundation (EMF) is interviewed.

Juan and I discuss the need for non-profits to protect sensitive information such as donor details. The key to a solid security strategy for EMF is data security, so Juan talks about a number of controls that EMF has in place including the Imperva Database Activity Monitoring (DAM) solution. Juan discusses why the Imperva DAM was chosen over several competitors, how it is currently used to address security and compliance, as well as some of the early wins it has given them related to data discovery and reporting.

Juan Walker is Database and Data Security Advisor for the Information Technology Team at EMF Broadcasting, which is KLOVE and Air-1 Radio Network with over 610 Stations and Translators in 46 States. Juan has over 15 years of experience in Database Architecture and Administration, and extensive knowledge in encryption and data security. Prior to EMF Broadcasting Juan worked as a Database Administrator at Microsoft Corporation and Senior Data Architect at Georgia Pacific Corporation. He has received certifications from SANS and ISC2.

Tags: Juan Walker, Educational Media Foundation, Customer, DAM, Data Security

Play Podcast Podcast Transcript (PDF)
Leveraging WAF and DAM for Protecting Data, Securing Servers, Meeting Partner Requirements, Addressing PCI, and Beyond -- an Interview with Richard Collins from Imperva Customer TechSoup Global

Leveraging WAF and DAM for Protecting Data, Securing Servers, Meeting Partner Requirements, Addressing PCI, and Beyond -- an Interview with Richard Collins from Imperva Customer TechSoup Global


On this episode of the Imperva Security Podcast Richard Collins from TechSoup Global talks about using Imperva SecureSphere WAF and DAM solutions. He discusses key drivers such as sensitive data protection, securing mission-critical servers, addressing partner concerns over data security from Microsoft, Adobe, and Intuit (which require their partners to have strong data security solutions), and addressing PCI.

Richard also discusses how WAF can be used as a unifying technology that brings together development and operations teams. Finally he explains why he chose Imperva SecureSphere above competitors, and how Imperva offers the best solution for TechSoup Global by providing a superior: user interface, policy management system, profiling and learning capability, architecture flexibility, and ability to integrate database and Web application protection through a single solution.

Mr. Collins is the Senior Director for Information System Security for TechSoup Global, a nonprofit organization that helps nonprofits in 31 countries around the world get and use technology to better serve their missions. In addition, TechSoup Global works with companies and foundations to optimize their philanthropic impact.

At TechSoup Global, Mr. Collins is in charge of security strategy and security policy to protect data and information systems across the organization. He is also responsible for senior project management, consulting, and coordination for all security and system-stability related projects.

Mr. Collins is currently leading several security projects including achieving PCI compliance, providing security and risk protection across the architecture stack, and embedding security into systems development, operations planning, and implementation processes.

A 20-year industry veteran, Mr. Collins has held positions ranging from programmer analyst to CIO in a wide range of industries including banking, telecommunications, publishing, and technical consulting services. Mr. Collins holds a Masters Degree in Information Systems and Telecommunications Management.

Tags: Customer, WAF, DAM, Richard Collins, TechSoup Global, Sensitive Data, Compliance, PCI

Play Podcast Podcast Transcript (PDF)
Protecting Web Portals and Bringing Together Security Operations and Development with the Imperva SecureSphere WAF at Telefonica O2 Germany -- an Interview with Daniel Stricharz

Protecting Web Portals and Bringing Together Security Operations and Development with the Imperva SecureSphere WAF at Telefonica O2 Germany -- an Interview with Daniel Stricharz


On this episode of the Imperva Security Podcast Daniel Stricharz is interviewed. He shares his experiences around choosing, implementing and operating the Imperva SecureSphere Web Application Firewall (WAF). He shares a number of examples where WAF helped Telefonica discover and address application vulnerabilities. He also discusses:
  • Drivers to implement WAF in large, complex, telco
  • Bringing together security operations and developers with WAF
  • Business logic attacks and application profiling
  • What to look for in a WAF
Daniel Stricharz is a senior security and infrastructure specialist at Telefonica O2 Germany responsible for the customer portals and their value-added services. Stricharz has studied law and computer science. Before he joined the telecommunications area in 2000 he worked as a consultant both in the IT and legal area for international businesses. His knowledge of emerging German legislation, cyber-crime, and cyber-law has helped to reconcile both specific legal and complex technical requirements. He initially specialized in data protection law and its technical implementation until he moved on to cover the full range of security aspects from product development to the operations of on-line services.

Telefonica O2 Germany GmbH & Co. OHG belongs to Telefonica Europe and is part of the Spanish telecommunication group Telefonica S.A. The Company offers its German private and business customers postpaid and prepaid mobile telecom products as well as innovative mobile data services based on the GPRS and UMTS technologies. In addition, the integrated communications provider also offers DSL fixed network telephony and high-speed internet. Telefonica Europe has nearly 47 million mobile and fixed network customers in Great Britain, Ireland, the Czech Republic, Slovakia and Germany.

In Germany, where the company is known simply as O2 with its head quarter located in Munich, Germany, has a customer base of more than 14.5 Million. Besides its more than 750 shops O2 operates a massive online portal, offering services ranging from an on-line shop over a complex web-based email solution, to a range of self-service opportunities for the customers and a huge number of other mobile services that help enrich the customers' mobile experience.

Tags: Daniel Stricharz, Customer, Telefonica O2 Germany, WAF, Business Logic Attacks, Application Profiling, Web Portal Security

Play Podcast Podcast Transcript (PDF)
Database Activity Monitoring (DAM) for State-Wide Healthcare Programs -- Gary Lilley, an Imperva Customer, Shares his Experiences

Database Activity Monitoring (DAM) for State-Wide Healthcare Programs -- Gary Lilley, an Imperva Customer, Shares his Experiences


On this episode of the Imperva Security Podcast Gary Lilley from an anonymous state agency talks about choosing, deploying, and using Database Activity Monitoring (DAM) solutions. He shares his experiences with Imperva SecureSphere, why Imperva was chosen, and some of the value already achieved.

Currently working on a state-wide, healthcare database activity monitoring project, Gary Lilley is a Senior Enterprise Solutions Architect at HP with Nineteen years + of experience in software system design, development, implementation with extensive experience in government systems, large scale chain retail, data management, manufacturing, distribution, translation software, within the computer industry, banking, EDI and most translators across all hardware platforms.

Tags: Gary Lilley, Customer, State Government, Database Security, Database Audit, Database Activity Monitoring, DAM

Play Podcast Podcast Transcript (PDF)
Using WAF in Complex, Global Environments -- an Interview with Marc Appelbaum -- Imperva Customer and Manager of Information Security for Vonage

Using WAF in Complex, Global Environments -- an Interview with Marc Appelbaum -- Imperva Customer and Manager of Information Security for Vonage


On this episode of the Imperva Security Podcast Marc Appelbaum is interviewed. Marc discusses the importance of application security at Vonage. He details several projects that are aimed at protecting Vonage as well as Vonage partners and customers. Marc also shares his views on application security as it relates to vulnerability scanning, the Imperva SecureSphere Web Application Firewall (WAF), and the integration of the two.

Marc Appelbaum is Manager of Information Security for Vonage, a leading provider of broadband telephone services. Marc is responsible for all Information Security functions for Vonage worldwide. Under Marc's leadership Vonage has deployed several security initiatives, including a Global Vulnerability Management Program, a Global Security Information Management System, and security awareness programs. Marc also developed policies and procedures that now involve the Security team in all technology projects. Marc also maintains the responsibility for ensuring IT Compliance with all government and industry regulations (i.e. SOX, PCI, CPNI, etc.).

Prior to joining Vonage, Marc was at Dow Jones & Co. for about 10 years. During that time Marc served in various roles, most recent as Security Architect introducing several new technologies to replace legacy equipment and establishing firewall guidelines. Marc began with Dow supporting the WSJ.COM website.

Tags: Marc Appelbaum, Customer, Practitioner, WAF, Vonage

Play Podcast Podcast Transcript (PDF)
Interview with Joe White -- Imperva Customer and Web Application Security Practitioner:  Getting Started in Web Application Security

Interview with Joe White -- Imperva Customer and Web Application Security Practitioner: Getting Started in Web Application Security


On this episode of the Imperva Security Podcast Joe White is interviewed. This is the second in a series of podcast interviews where Joe White and Brian Contos will discuss various topics related to application and data security.

Joe talks about getting started in Web Application Security. He discusses several tools and resources useful for those that are new to this industry and for seasoned experts. Here are some examples.In addition to working for a large SaaS provider in Northern California that's an Imperva Customer, Joe White is President of Cyberlocksmith Corporation, and specializes in Information Security and technology risk. He is a Subject Matter Expert in Internet, Extranet, and Intranet security risks and network penetration techniques. He has 15+ years of Information Technology experience including SOA, SaaS, Information Security, and Systems. Joe has focused expertise in securing web applications and extensive knowledge of networking, routing protocols switching and remote access methodologies. Over the years, Joe has participated in numerous penetration tests and ethical hacking engagements and comes to Web Application Security after spending many years involved in traditional infrastructure/operations security. Finally, with 10+ years of Business Development experience Joe offers a unique perspective on the marriage between business and technology.

Tags: Joe White, Customer, Practitioner, WAF, Getting Started with Web Application Security

Play Podcast Podcast Transcript (PDF)
Interview with Joe White -- Imperva Customer and Web Application Security Practitioner

Interview with Joe White -- Imperva Customer and Web Application Security Practitioner


On this episode of the Imperva Security Podcast Joe White is interviewed. This is the first in a series of podcast interview where Joe White and Brian Contos will discuss various topics related to application and data security.

Joe shares his perspectives on the current state of application security. He discusses some of the history and current gaps as well as technical and political issues. Joe also discusses Web Application Firewalls (WAF)-- what they can be used for in addition to firewalling, and where they fit within a holistic security program.

In addition to working for a large SaaS provider in Northern California that's an Imperva Customer, Joe White is President of Cyberlocksmith Corporation, and specializes in Information Security and technology risk. He is a Subject Matter Expert in Internet, Extranet, and Intranet security risks and network penetration techniques. He has 15+ years of Information Technology experience including SOA, SaaS, Information Security, and Systems. Joe has focused expertise in securing web applications and extensive knowledge of networking, routing protocols switching and remote access methodologies. Over the years, Joe has participated in numerous penetration tests and ethical hacking engagements and comes to Web Application Security after spending many years involved in traditional infrastructure/operations security. Finally, with 10+ years of Business Development experience Joe offers a unique perspective on the marriage between business and technology. Joe presented at OWASP in September 2008, and his presentation Web Application Security Roadmap can be found here.

Tags: Joe White, Customer, Practitioner, WAF, OWASP

Play Podcast Podcast Transcript (PDF)
Selected Tag: Customer | Show All
Launch iTunes & Subscribe Request More Information