Welcome to 6Labs!
Welcome to 6Labs! This first post will be an overview of 6Labs and the industry insight we will provide through this venue. 6Labs is the culmination of research and industry thought leadership produced throughout FishNet Security. We will highlight emerging technologies and InfoSec issues while not ignoring the fundamental issues faced by our customers every day. With hundreds of security consultants and engineers working with clients around the globe, you will see the breadth of our experience in blog postings, webinars, white papers, tools and more. Here are a few areas we'll be focusing on in the coming months:
- Pragmatic Approach. There is no shortage of hype in the information security industry. Every vendor wants its product suite to solve the issue of the day and may stretch the reality of what its tools can actually provide. With a pragmatic/vendor-agnostic view of these solutions, our thought leaders will help customers navigate their way through the “hype cycle” and constantly evolving InfoSec landscape.
- Enterprise Mobility. The “consumerization” of IT and the mobility of today's workforce have created a vast landscape of new threats for the IT security professional to consider. We are at the forefront of this arms race. FishNet Security’s Joey Peloquin, Dan Thormodsgaard and others will use 6Labs to share their vision for mobile security and provide guidance as the space matures. Choosing an MDM platform is only the beginning. Building a strategy to insert mobile security into your overall security program is a much larger initiative that must be wrestled to the ground. Baking mobile security into your security policy, application security program and forensics framework are just a few examples of how such a strategy can be realized.
- IPv6. Newsflash: On Feb. 3, 2011, the last /8 address blocks were allocated. The world is officially out of public IP addresses. You've heard the reports of address space exhaustion for years, but we are nearing a time when an enterprise must actively plan its migration strategy. IPv6 offers enhanced security features over its predecessor, but the migration will not be simple. Many of the network security products deployed today have IPv6 interoperability, but will they offer the same visibility into the packet?
- Virtualization. No surprise here — there has been a massive push to increase operational efficiency through virtualization. In some cases, these migrations have quickly rolled into production without an organization’s IT Security group having time to fully understand or address security and compliance risks. We will be blogging on virtualization security and starting a speaking series for 2012. Our PCI team also just completed a webinar on how to manage PCI compliance in a virtualized environment.
- Data Protection. Data today is worth more than ever. In many companies, data is consider the “crown jewel” of the corporation, be it credit cards, personal information, trade secrets, etc. Armed with this realization, the market has become flooded with methods and technologies that can be deployed to properly protect data and help companies meet their compliance requirements, including data discovery, leakage prevention, encryption and tokenization. This series of blogs and presentations will attempt to shine a light on the data protection space and provide guidance on choosing and implementing proper solutions.
Finally, 6Labs is about collaboration and giving back to the community. We want our blogs to be an interactive forum where industry experts collaborate and solve problems. RAFT and our Incident Response Framework are examples of free resources that our experts have developed and which we offer back to the community at no charge. Enjoy the content. We hope it solves issues, spurs creative dialogue and provides real value to you.