John Dominguez

3 min read

Hackers today make it their job to understand your security technologies and how to exploit the gaps between them. And that’s the problem – there are a lot of gaps. In our own discussions with IT security pros, it isn’t unusual to find organizations that have deployed a patchwork of 40 to 60+ different security […]

2 min read

At RSA this year and last, Marty Roesch, VP and Chief Architect for Cisco’s Security Business Group, talked about the need of an integrated threat defense to drive systemic response. The idea is to correlate and analyze data and telemetry from the multiple security technologies that organizations have deployed across different control points. And then […]

4 min read

Many colleagues, customers, and Cisco partners have asked me, “Why isn’t Cisco AMP for Endpoints included in Gartner’s recent Magic Quadrant for Endpoint Protection Platforms (EPP)?” The answer to us is pretty simple. AMP was not categorized as a traditional “EPP,” and hence, was not included in the report. According to Gartner, “Endpoint protection platforms […]

2 min read

The threat landscape is ever-changing. Attackers continue to innovate and refine their tactics, and malware is more sophisticated than ever. New threats are surfacing every day, like the Angler exploit kit and the SSHPsychos DDoS attack. According to the 2016 Cisco Annual Security Report, ransomware is exploding, Adobe Flash vulnerabilities continue to be popular with […]

2 min read

Breaches happen. It makes us cringe to say it, but it’s the obvious truth. A week doesn’t go by that we don’t hear about the latest breach in the news. All of us in the IT security industry would love to say, “our technology can prevent all breaches.” But it’s a pipedream. Being able to […]

2 min read

Protecting data, maintaining compliance, and enabling the business is a balancing act. Put too many controls in place and you inhibit workflow. Rely exclusively on traditional security tools and you lack the visibility to detect and respond to advanced attacks quickly. The industrialization of hacking has created an effective and efficient criminal economy. Attackers are […]

2 min read

Advanced malware is dynamic, elusive, and evasive. Once it slithers into the organization’s extended network, it can very quickly proliferate, cause problems, and remain undetected by traditional point-in-time security tools. These tools poll or scan endpoints for malware or indicators of compromise at a moment in time, and then do not evaluate again until the […]

2 min read

Let’s face it, malware is everywhere now, and it’s here to stay. The statistics are staggering. According to the 2014 Cisco Annual Security Report, “100 percent of the business networks analyzed by Cisco had traffic going to websites that host malware” and 96 percent of the business networks analyzed had connections to known hijacked infrastructure […]

2 min read

As I’ve discussed in past blog posts, advanced malware and sophisticated attacks are relentless as they compromise environments using new and stealthy techniques. Modern malware is dynamic and exists in an interconnected ecosystem that is constantly in motion. It will use an array of attack vectors, take endless form factors, and launch attacks over time. […]

2 min read

As an IT security practitioner, you have a lot on your plate. Malware attacks are ever present. Hackers are smarter than ever and have the resources and persistence to compromise your organization. The malware being created today is more sophisticated. And the number and types of devices being used in the workplace are expanding, which […]

2 min read

Every organization needs to face the fact that breaches can and do happen. Hackers have the resources, the expertise, and the persistence to infiltrate any organization, and there is no such thing as a 100 percent effective, silver-bullet detection technology. As security professionals, we tend to focus on what we can do to defend directly […]