Tag Archives: development

Why I recently Joined SonicWall

Dear Friends and Colleagues,

As many of you already know, in April I announced my plan to join SonicWall. I am sure that some of my friends in the security industry expected me to join a “hot new startup” someday as opposed to a 26-year-old company. So, I figured I owed each of you a proper explanation of why I decided to join SonicWall at this time.

I had the pleasure of being introduced to some of the key product developments that were in SonicWall’s near-term roadmap. Those included fresh-new user interfaces, the addition of RTDMI technology to SonicWall’s Capture services, Capture Client, Capture Security Center and other innovative upcoming product plans.

As I further studied the company, I quickly discovered that SonicWall has an aggressive but achievable plan to completely transform its offerings in ways the company and the security industry are not expecting. These changes gave me renewed confidence in SonicWall and validated my decision to join at this crucial phase in the company’s history. I feel I have joined a company well on the path to the innovation and growth often only seen in startups.

My promise to our customers as a leader of SonicWall’s product management organization is to continue to drive innovation and bring renewed industry perspectives to SonicWall products and business strategy.

In short — I firmly believe we are poised for success and I expect to continue to work hard to win net new customers in the firewall market!


Unleash the Power of Digital Business

Digital business demands a new approach to application infrastructure. Ahead of the Gartner Application Architecture, Development & Integration Summit 2018, taking place March 12-13 in Mumbai, we spoke to Keith Guttridge, research director at Gartner, on the impact of applications in todays digital world.

Gartner Announces Winners of the 2017 EMEA Gartner Eye on Innovation Awards

Gartner, Inc. has announced the winners of the 2017 Gartner Eye on Innovation Awards for financial services in Europe, the Middle East and Africa (EMEA). The awards recognize innovative use of technology-enabled capabilities to highlight "best in class" financial industry initiatives launched within the past 12 months, and to offer insight into developments in digital innovation.

Gartner Announces Asia Pacific Winners of the 2017 Gartner Financial Services Eye on Innovation Awards

Gartner, Inc. has announced the winners of the 2017 Gartner Financial Services Eye on Innovation Awards for the Asia Pacific region. The awards recognize innovative use of technology-enabled capabilities to highlight "best-in-class" financial industry initiatives launched within the past 12 months and to offer insight as to developments in digital innovation.

My latest Gartner research: Vendor Rating: Huawei

Huawei has established itself as a solid provider of ICT infrastructure technologies across consumer, carrier and enterprise markets worldwide. CIOs and IT leaders should utilize this research to familiarize themselves with Huawei’s “all-cloud” strategy and ecosystem development….

Gartner subscribers can access this research by clicking here.


[ISN] How hackers could attack hard drives to create a pervasive backdoor

http://arstechnica.com/information-technology/2015/02/how-hackers-could-attack-hard-drives-to-create-a-pervasive-backdoor/ By Sean Gallagher Ars Technica Feb 18, 2015 News that a hacking group within or associated with the National Security Agency compromised the firmware of hard drive controllers from a number of manufacturers as part of a 14-year cyber-espionage campaign has led some to believe that the manufacturers were somehow complicit in the hacking—either by providing source code to controller firmware or other technical support. But it’s long been established that hard drive controllers can be relatively easily reverse-engineered without any help from manufacturers—at least, without intentional help. Despite keeping hardware controller chip information closed, hard drive manufacturers’ use of standard debugging interfaces makes it relatively simple to dump their firmware and figure out how it works—even inserting malicious code that can trigger specific behaviors when files are accessed. Reverse-engineering it to the point of creating a stable alternative set of firmware for multiple vendors’ hard disk controllers that also includes persistent malware, however, is a significant feat of software development that only the most well-funded attacker could likely pull off on the scale that the “Equation group” achieved. Hard drive controller boards are essentially small embedded computers unto themselves—they have onboard memory, Flash ROM storage, and a controller chip that is essentially a custom CPU (usually based on the ARM architecture). They also generally have diagnostic serial ports, or other interfaces on the board, including some based on the JTAG board debugging interface. Using software such as Open On Chip Debugger (OpenOCD), you can even dump the “bootstrap” firmware from the controller and analyze it with an ARM disassembler. […]


[ISN] Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks

http://www.wired.com/2015/02/americas-cyber-espionage-project-isnt-defense-waging-war By Kevin Poulsen Threat Level Wired.com 02.18.15 “What we really need is a Manhattan Project for cybersecurity.” It’s a sentiment that swells up every few years in the wake of some huge computer intrusion—most recently the Sony and Anthem hacks. The invocation of the legendary program that spawned the atomic bomb is telling. The Manhattan Project is America’s go-to shorthand for our deep conviction that if we gather the smartest scientists together and give them billions of dollars and a sense of urgency, we can achieve what otherwise would be impossible. A Google search on “cyber Manhattan Project” brings up results from as far back as 1997—it’s second only to “electronic Pearl Harbor” in computer-themed World War II allusions. In a much-circulated post on Medium last month, futurist Marc Goodman sets out what such a project would accomplish. “This Manhattan Project would help generate the associated tools we need to protect ourselves, including more robust, secure, and privacy-enhanced operating systems,” Goodman writes. “Through its research, it would also design and produce software and hardware that were self-healing and vastly more resistant to attack and resilient to failure than anything available today.” These arguments have so far not swayed a sitting American president. Sure, President Obama mentioned cybersecurity at the State of the Union, but his proposal not only doesn’t boost security research and development, it potentially criminalizes it. At the White House’s cybersecurity summit last week, Obama told Silicon Valley bigwigs that he understood the hacking problem well—“We all know what we need to do. We have to build stronger defenses and disrupt more attacks”—but his prescription this time was a tepid executive order aimed at improving information sharing between the government and industry. Those hoping for something more Rooseveltian must have been disappointed. On Monday, we finally learned the truth of it. America already has a computer security Manhattan Project. We’ve had it since at least 2001. Like the original, it has been highly classified, spawned huge technological advances in secret, and drawn some of the best minds in the country. We didn’t recognize it before because the project is not aimed at defense, as advocates hoped. Instead, like the original, America’s cyber Manhattan Project is purely offensive. […]