ICSA Labs Blog: Web Application Firewalls

Understanding the benefits of ICSA Labs certification

Knowing the benefits of certification is important for security product vendors and enterprises to understand.

The first step is to understand what certification is and what it is not.

Why Certify? The Significance of ICSA Labs Certification

When it comes to security, many vendors consider certification of its products by an independent organization an option, not a requirement. However, third party testing is an important element when a company is deciding on technology solutions that are part of its security management program.

Q&A: George Japak of ICSA Labs Offers Advice around NCSA Month

This month marks the 11th anniversary of National Cyber Security Awareness Month (NCSAM) where raising awareness about cybersecurity is a top priority for both the public and private sector.

The Flame Reality & Swiss Cheese Security

Two articles appeared overnight that got me thinking. The first is a Reuter’s piece that says Iran has discovered and preempted a “massive, new cyber attack”. No real details are available, so it might be so, or it might not. It might even just be talking about Flame. http://www.reuters.com/article/2012/06/21/us-iran-cyber-nuclear-idUSBRE85K1EA20120621

When Ages and Revolutions Converge

As this is my first post on ICSA Labs’ blog, I thought I’d take a little bit of time to explain how I currently see the malware world. For those who don’t know me, I’ve been dealing with viruses and assorted malware since 1987, which is about when the first viruses appeared.

Verizon Launches 2011 Data Breach Investigation Report – What Does It Mean for You?

On April 19, Verizon issued its much-anticipated 2011 Data Breach Investigations Report (DBIR).  This report has become the seminal report for the security community, and is eagerly awaited for each year. 

Some key takeaways from this year’s report:

Confused about new Texas Law, Title 10, Section 2059.060? Read the law itself.

The state of Texas recently had a law go into effect (on Dec. 1, 2010) that impacts the security product testing industry, including ICSA Labs.  The law has attracted a significant amount of attention, some of which is inaccurate. 

The law—and the administrative code that provides rules on implementation—includes a section that clearly and succinctly defines terms.  I encourage you to read the law yourselves, quotations and links provided below. 

Give me Independent Testing or Give me Death

235 years ago today (March 23, 1775), Patrick Henry gave a powerful speech to Virginia’s delegates in Richmond that ended in the famous saying, “give me liberty, or give me death.”  Liberty, freedom, and independence are powerful ideas central to free nations, and also advocated by many businesses in those nations.