
Podcasts

GLBA co-author, Paul Reymann talks about GLBA, compliance and security within the financial industry

On this episode of the Imperva Security Podcast, Paul Reymann, CEO of the Reymann Group and co-author of GLBA, talks about the financial industry and how security and compliance have been changing. He also touches on financial modernization, the convergence of NIST and ISO, and the risk management continuum.

Mr. Reymann is one of the nation's leading regulatory experts and co-author of Section 501 of the Gramm-Leach-Bliley Act Security rule. Fortune 500 companies have leveraged Mr. Reymann's subject matter expertise to develop successful go-to-market strategies for information security and technology products and services within key vertical markets.

He has more than twenty years' experience in the financial services industry, including thirteen years with the Department of Treasury's Office of Thrift Supervision (OTS) in Washington, D.C. There he guided the regulatory agency's Technology Risk Management activities and authored several key regulatory directives and advisories on emerging risk management issues, including the industry's first regulatory directive on "Transactional Internet Banking."

Tags: Paul Reymann, GLBA, GLB, NIST, ISO, Financial, Data Security

Microsoft IIS WebDAV Remote Authentication Bypass: Interview with Amichai Shulman -- CTO and Co-founder of Imperva

On this episode of the Imperva Security Podcast, Amichai Shulman is interviewed. He talks about Microsoft Security Advisory Number 971492, which was released on May 17th 2009. This vulnerability is related to Microsoft IIS servers running WebDAV. Amichai goes into detail about the vulnerability, why servers are still vulnerable even though this is a well-known exploit, and how attacks can be mitigated with a Web Application Firewall (WAF). Amichai further talks about how the Imperva SecureSphere WAF has been protecting customers from redundant UTF-8 encoding attacks just like this for over three years.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, Microsoft IIS WebDAV Remote Authentication Bypass, Redundant UTF-8 Encoding, Microsoft Security Advisory Number 971492
