Imperva Blog|Login|中文Deutsch日本語

Podcasts

Launch iTunes & Subscribe  Imperva on iTunes Hide Descriptions
Selected Tag: VA | Show All
Application Security Survey Results -- An interview with Jeremiah Grossman

Application Security Survey Results -- An interview with Jeremiah Grossman


On this episode of the Imperva Security Podcast Jeremiah Grossman of Whitehat Security is interviewed regarding the latest application security survey conducted by the Ponemon Institute.

Jeremiah gives his perspectives on the survey results and details the why and how of the survey's findings: good, bad, and ugly.

Jeremiah Grossman is the founder and CTO of WhiteHat Security. He is considered a world-renowned expert in Web security, is a co-founder of the Web Application Security Consortium, and was named to InfoWorld's Top 25 CTOs for 2007. Grossman is a frequent speaker at industry events and universities around the globe. He has authored dozens of articles and white papers; is credited with the discovery of many cutting-edge attack and defensive techniques and is a co-author of XSS Attacks. Grossman is often quoted in the business and technical press. Prior to WhiteHat, Grossman was an information security officer at Yahoo!

Tags: Application Security, Jeremiah Grossman, Whitehat Security, Survey, WAF, VA, Application Security Survey Results

Play Podcast Podcast Transcript (PDF)
Application Security Survey Results -- An interview with Dr. Larry Ponemon

Application Security Survey Results -- An interview with Dr. Larry Ponemon


On this episode of the Imperva Security Podcast Dr. Larry Ponemon of the Ponemon Institute is interviewed regarding his latest application security survey.

Dr. Ponemon discusses why this survey is so timely given the state of application security. He goes on to discuss some of the statistical findings as well as well as his interpretation of the results. Finally, he outlines what companies that are getting application security done correctly are doing in contrast to those that are missing the mark.

Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research "think tank" dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management or RIM framework.

Dr. Ponemon consults with leading multinational organizations on global privacy management programs. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. Dr. Ponemon was also an appointed to two California State task forces on privacy and data security laws.

Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master's degree from Harvard University, Cambridge, Massachusetts, and attended the doctoral program in system sciences at Carnegie Mellon University, Pittsburgh, Pennsylvania. Dr. Ponemon earned his Bachelors with Highest Distinction from the University of Arizona, Tucson, Arizona.

Tags: Application Security, Larry Ponemon, Ponemon Institute, Survey, WAF, VA, Application Security Survey Results

Play Podcast Podcast Transcript (PDF)
Perspectives on Data Security in Asia -- An interview with Terry Ray

Perspectives on Data Security in Asia -- An interview with Terry Ray


On this episode of the Imperva Security Podcast Terry Ray -- Senior Director for Americas and Asia Pacific Technical Services for Imperva is interviewed.

Terry is a frequent visitor to many parts of Asia. Over the years he has developed a relationship with customers and partners in Asia, giving him a sense for the state of data security, general security trends, and reactions to current security events from an Asian-centric perspective that he can contrast with a North America-centric view. Terry discusses how different regions approach application and database security, current events such as the recent Google attacks in China, and how the Asian community is applying countermeasures to protect their sensitive applications and databases.

Terry Ray is the Senior Director for Americas and Asia Pacific Technical Services for Imperva Inc., a provider of data security solutions. At Imperva, Terry manages teams of security engineers and, has designed and deployed data security solutions, and performed data penetration testing for a wide range of healthcare, financial services, government and eCommerce organizations. Terry has been a frequent speaker for ISSA, OWASP, ISACA, IANS and others in the Americas and abroad.

Prior to joining Imperva, Terry worked in a variety of technical roles at Check Point Software Technology ltd., including security engineering and, partner and end-user technical instruction. Terry has lectured on general network security topics and taught professional security related product certifications in over 35 countries worldwide.

Tags: Terry Ray, Imperva, Asia, Data Security

Play Podcast Podcast Transcript (PDF)
Adaptive Reputation-based Defense (ThreatRadar) -- An interview with Eldad Chai

Adaptive Reputation-based Defense (ThreatRadar) -- An interview with Eldad Chai


On this episode of the Imperva Security Podcast Eldad Chai -- Imperva Web Application Firewall Product Manager, is interviewed.

Eldad talks about Imperva's ThreatRadar solution. He outlines what it is, how it's used, and what customers can expect to gain from it. He covers specific threat examples such as automated attacks and business logic attacks and how they can be addressed beyond blocking and alerting with capabilities such as CAPTCHA, challenge-response, redirection and more.

Eldad Chai is a product manager at Imperva, responsible for Imperva's award winning Web Application Firewall (WAF). Eldad defines and leads the product vision and roadmap and is behind various game changers in the Web application security space such as the integration between WAFs and Web vulnerability scanners and Imperva's reputation based web security technology - ThreatRadar. Eldad started at Imperva as the leader of the web research team, where he was part of the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Eldad lead research projects in various fields such as web security, security technologies, mitigation strategies and hacking methodologies. Prior to Imperva, Eldad provided data security and network optimization services as a consultant. Eldad participated in Deutsche Telecom's eThreat project where he developed an innovative solution for a distributed electronic threat detection system that is now part of Deutsche Telecom's intellectual property. He holds a B.Sc and an M.Sc in Communication Systems Engineering from Ben-Gurion University, Israel.

Tags: Eldad Chai, Imperva, WAF, ThreatRadar

Play Podcast Podcast Transcript (PDF)
Interview with Dana Tamir on Data Discovery, Assessment and Classification

Interview with Dana Tamir on Data Discovery, Assessment and Classification


On this episode of the Imperva Security Podcast Dana Tamir is interviewed.

Dana talks about the Imperva SecureSphere DAS (Discovery and Assessment Server) solution. She outlines why this technology is critical to an effective data security strategy, they theory and technical details of how it works, as well as several use cases.

Dana Tamir is a Sr. Product Marketing Manager at Imperva. She has over a decade of real-world experience in the Software Industry. In her role at Imperva she leads the launch and marketing activities related to database security solutions. She routinely delivers compliance and security-related presentations, white papers and webcasts. Prior to joining Imperva, Dana held various Pre-sale, Post-Sale, Application Engineering and Product Development roles at high tech and Internet security companies including Symantec, Bindview, and Amdocs. Dana holds a B.Sc. from the Technion -- Israel Institute of Technology. She is a certified MCSE, MCDBA and OCA.

Tags: Dana Tamir, Imperva, DAS, Discovery, Assessment, Classification

Play Podcast Podcast Transcript (PDF)
Interview with Lars Ewe -- CTO of Cenzic -- WAF

Interview with Lars Ewe -- CTO of Cenzic -- WAF


On this episode of the Imperva Security Podcast Lars Ewe, CTO of Cenzic, is interviewed.

Lars discusses the Imperva Cenzic partnership, and why bringing together vulnerability scanning services with Web Application Firewalls (WAF) is critical for application security. He also shares his views on what the future holds for application security overall.

Lars Ewe, Chief Technology Officer and VP of Engineering with Cenzic, is a technology executive with broad background in (web) application development and security, middleware infrastructure, software development and application/system manageability technologies. Throughout his career Lars has held key positions in engineering, product management/marketing, and sales in a variety of different markets. Prior to Cenzic, Lars was software development director at Advanced Micro Devices, Inc., responsible for AMD's overall systems manageability and related security strategy and all related engineering efforts. Lars was also AMD's representative to the board of directors of the Distributed Management Task Force. Before AMD, Lars was senior director at Borland Software Corp., where he managed worldwide server software pre-sales, technical services, and key partner relationships. Prior to Borland he held key positions at Oracle Corporation's Server Technologies Division and Webgain. Lars has Bachelor of Science and Master of Science degrees in Mechanical Engineering from the Technical University of Munich, Germany.

Tags: Lars Ewe, Cenzic, Partner, WAF and VA, Web Application Security

Play Podcast Podcast Transcript (PDF)
Aviram Jenik of BeyondSecurity, an Imperva Partner, talks about WAF, VA, Black Box testing, and related solutions necessary for a strong application security posture

Aviram Jenik of BeyondSecurity, an Imperva Partner, talks about WAF, VA, Black Box testing, and related solutions necessary for a strong application security posture


On this episode of the Imperva Security Podcast Aviram Jenik of BeyondSecurity is interviewed. Aviram discusses why Imperva and BeyondSecurity have partnered to offer a combination of WAF, Black Box Testing, and Vulnerability Assessment services together. Aviram discusses several very interesting application security "stories from the trenches," and shares his perspectives on the evolution of application security.

Mr. Jenik has 17 years of experience in the Computer Security field. From the early days of computer viruses he was involved in the fields of encryption, security vulnerabilities detection and research. He worked in development, marketing and sales roles in several startups, and had 2 successful exits before co-founding Beyond Security in 1999.

Aviram has a Bsc. in Computer Science with a major in cryptography and an MBA from T.A. University with majors in strategy and entrepreneurship.

Tags: Aviram Jenik, Partner, BeyondSecurity, WAF, VA, Black Box Testing

Play Podcast Podcast Transcript (PDF)
Jeremiah Grossman of Whitehat Security, an Imperva Partner, talks about bringing together to worlds of WAF and VA to improve overall application security and reduce business risk

Jeremiah Grossman of Whitehat Security, an Imperva Partner, talks about bringing together to worlds of WAF and VA to improve overall application security and reduce business risk


On this episode of the Imperva Security Podcast Jeremiah Grossman of Whitehat Security is interviewed. Jeremiah discusses why Imperva and Whitehat have partnered to offer a blended approach to Web application security through WAF plus VA. Jeremiah explains that the industry now requires these once diametrically opposed solutions to unite in order to address today's threats and reduce overall business risk.

Jeremiah Grossman is the founder and CTO of WhiteHat Security. He is considered a world-renowned expert in Web security, is a co-founder of the Web Application Security Consortium, and was named to InfoWorld's Top 25 CTOs for 2007. Grossman is a frequent speaker at industry events and universities around the globe. He has authored dozens of articles and white papers; is credited with the discovery of many cutting-edge attack and defensive techniques and is a co-author of XSS Attacks. Grossman is often quoted in the business and technical press. Prior to WhiteHat, Grossman was an information security officer at Yahoo!

Tags: Jeremiah Grossman, Partner, Whitehat Security, WAF, VA

Play Podcast Podcast Transcript (PDF)
Interview with Dr. Anton Chuvakin, Director of PCI Compliance Solutions at Qualys and Recognized Security Expert & Author

Interview with Dr. Anton Chuvakin, Director of PCI Compliance Solutions at Qualys and Recognized Security Expert & Author


On this episode of the Imperva Security Podcast Dr. Anton Chuvakin is interviewed. Anton talks about PCI and the need for vulnerability assessments to work in concert with application and data security solutions to develop a strong security posture.

Dr. Anton Chuvakin (http://www.chuvakin.org) is the Director of PCI Compliance Solutions at Qualys and is a recognized security expert and book author. He is an author of the book "Security Warrior" and a contributor to books such as "Know Your Enemy II", "Information Security Management Handbook", "Hacker's Challenge 3", "PCI Compliance", "OSSEC HIDS" and others. Anton also published numerous papers on a broad range of security subjects. In his spare time he blogs at http://www.securitywarrior.org. Anton has presented at many security conferences across the world; his recent speaking engagements include presenting in the United States, UK, Singapore, Spain, Canada, Poland, Czech Republic, Russia and other countries. Anton holds a Ph.D. degree from Stony Brook University.

Tags: Anton Chuvakin, PCI, Data Security

Play Podcast Podcast Transcript (PDF)
Selected Tag: VA | Show All
Launch iTunes & Subscribe Request More Information