Day: September 8, 2021

Fresh Bluetooth Vulnerabilities Point to Underlying Concerns About Connected Device Security

by Amy Larsen DeCarlo, posted in Secure

Summary Bullets:

Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

• Security researchers identified more than a dozen Bluetooth Classic stack vulnerabilities that affect at least 1,400 products

• This issue is highlighting broader cybersecurity challenges in the connected device world

Security researchers from Singapore University of Technology and Design cast a spotlight on vulnerabilities in 13 different Bluetooth chipsets that could put mobile and other connected devices at risk of breaches. Dubbed BrakTooth, with Brak being a Norwegian word for crash, the 16 identified vulnerabilities in the Bluetooth Classic stack can be exploited using a number of mechanisms including denial of service, firmware crashes, deadlocks, and arbitrary code execution (ACE). A wide range of devices from Dell laptops to consumer smart speakers and connected refrigerators could be vulnerable.

Continue reading “Fresh Bluetooth Vulnerabilities Point to Underlying Concerns About Connected Device Security”

Security and Networking Consolidation Needs Concrete Examples

by Steven J. Schuchart Jr., posted in IT Leader, Network, Secure

Summary Bullets:

S. Schuchart

• Security and networking are converging, the evidence is clear, both from a technological and strategic standpoint, with security threats increasing.

• The enterprise needs tools to manage the human aspects of security and networking convergence and the fist instrument they need is real industry examples proving the trend from vendors, ITSP, carriers, and industry analysts.

By design and necessity, the security and networking industries are moving towards consolidation. Security companies are buying networking resources and networking companies are snapping up security vendors left and right. If you address a room full of vendors from the security and networking markets and proclaim that the two markets are converging, you will get heads nodding sagely. But the reality on the ground is much more complicated. Much like a stone arch, something has to move before things begin to fall in the direction gravity is pulling them.

Continue reading “Security and Networking Consolidation Needs Concrete Examples”

Observability Solutions Simplify the New Distributed IT

by Charlotte Dunlap, posted in IT Leader

Summary Bullets:

Charlotte Dunlap – Principal Analyst, Application Platforms

• Over the next six to 12 months, the observability market segment will evolve to include more comprehensive solutions which provide application-level observability data alongside systems-level data, delivered through pre-set parameters

• The future of observability is ML-powered predictive and prescriptive analytics to enable proactive responses that prevent problematic incidents

Accelerated digital business transformations are steering operations teams towards new observability stacks to oversee an increasingly diverse and distributed IT portfolio. Ops teams are overwhelmed with the move from monolithic apps to microservices where various service components within a single app must be secured and managed. New monitoring tools are emerging to help developers collaborate under DevOps models and gain automated visibility into the impact of modern coding on underlying systems. Observability solutions will shorten the lengthy feedback cycle involved before committing apps to code, enhancing the quality of apps moving through the pipeline.

Continue reading “Observability Solutions Simplify the New Distributed IT”