CrowdStrike Partners with Coverity to Ensure Software Security

Hi, my name is George Kurtz, Chief ExecutiveOfficer at CrowdStrike and one of the co-founders. Formerly, I spent about seven years at McAfee,most recently as their Chief Technology Officer and before that I was the Chief ExecutiveOfficer at a company called, Foundstone, which I founded and I am one of the co-authors ofHacking Exposed. So …

Computer Security | Federal Trade Commission

Every day you hear aboutscammers, hackers, and thieves, trying to use theinternet to steal your money and your financialinformation.

The fact is you, me, we, canfoil many of their attempts.

Every day, we do things to makeit tough for bad guys to break into our homesand our cars.

We can make it tougher forthem to break into our computers too.

Here are some ways to foila hacker and protect your financial information.

Install security softwareon your computer.

Well-known companies offerplenty of free options.

Set the software to updateautomatically so it can deal with any new security threats.

While you're at it, set youroperating system and web browser to update automaticallytoo.

If you're not sure how, use theHelp function and search for automatic updates.

If you get a phone call, anemail, a text, or a pop-up that says your computer has avirus or malware, don't buy the story or the securitysoftware they're selling.

It could be a trick to get youto buy software that's worthless or even harmful.

Treat your financial informationlike cash.

It's a hot commodity.

If someone asks for yourfinancial information, say your social security, creditcard, or bank account number, ask why they need it and howthey're going to protect it.

If you think you've found agood deal online but you aren't familiar with thecompany, dig a little deeper.

A quick internet search withthe name of the company and the word review or complaintcan reveal a lot.

Always look for a physicaladdress and phone number too.

That way you know who to contactif there's a problem.

Don't provide your personal orfinancial information unless the website you'reon is secure.

If the URL doesn't start withhttps, don't enter your financial information.

That S stands for secure.

It means the information you'resending is encrypted and protected.

Make your passwords count.

They should be at least 10characters and a mix of numbers, letters, andspecial characters.

Don't use your name, birthdate, or common words.

Don't use the same passwordfor several accounts as tempting as that maybe.

If it's stolen, hackerscan use it to access your other accounts.

Keep your passwords in a secureplace, and don't share them with anyone.

Back up your computer files.

For example, copy importantfiles to an external hard drive on a regular basis.

That way if there's a problemwith your computer, you won't lose everything.

Life is online whether you liveit using a smartphone, a tablet, a laptop, or a desktop,it's a good time to make computer securitya habit.

Find out more atOnGuardOnline.

Gov, the federal government's site to helpyou be safe, secure, and responsible online.

Source: Youtube

VMware and Trend Micro: Security for the Software Defined Datacenter – Trend Micro

Hello, I'm Steve Kwan[sp].

And I'm here with Adim Nahid[sp] And we're excited to do another year of a great partnership between VMware and Trend Micro.

Over the last [xx] years our customer have been moving quickly to adopt cloud.

And security is top of mind for them and I think the relationship has really helped to [xx] [xx] that adoption, Trend Micro has been able to deliver a lot of the security capabilities from an end-point perspective and more within the context of the VMware environment.

Deep Security is a shield around our virtual [xx].

It does anti-malware, it does firewall, it does intrusion prevention log inspection.

It's very easy to deploy and manage.

Deep Security allows companies to scale at a very rapid rate.

Without Deep Security Virtual patching, we would not have been able to bring this project live.

Trying to have the in-depth knowledge of security in a virtual world, and in a the cloud that we needed.

Source: Youtube

Digital Security Software

SO, IF YOU AE THE PARENT OF A TEENAGER, YOUMIGHT WANT TO LISTEN UP.

I'M LISTENING BECAUSE I'VE GOT A PRE-TEEN.

MORE AND MORE TEENS ANDEVEN PRE-TEENS GO ONLINE AS WE KNOW.

THEY'RE USING THEIR CELL PHONES, THEIR LAPTOPS, THEIRTABLETS, MOMS AND DADS NEED TO BE EXTRA DILIGENT, 24/7 IN FACT TO KEEP THEM OUT OF DIGITAL HARMSWAY.

WITH US THIS MORNING TO DISCUSS HOW TO DO JUST THAT – HOW TO KEEP OUR CHILDREN SAFEIN AN ONLINE WORLD IS STACY CONNER, DIRECTOR OF WORLDWIDE RETAIL MARKETING FOR MCAFEE,HEY STACY, GOOD MORNING.

HI, GOOD MORNING DANIELLE.

TIMELY TOPIC, GIVEN THAT I DO HAVE A 12 YEAR-OLDIN MY HOUSE, RIGHT NOW, AND SO WHAT CAN YOU TELL US ABOUT KIDS ONLINE HABITS THAT WE ASPARENTS MIGHT NOT KNOW.

WELL, THE FIRST THING I WOULD SAY IS, THERE'SSOME GAPS, THERE'S SOME PRETTY BIG GAPS.

IT'S INTERESTING MCAFEE JUST DID A STUDY CALLEDTHE DIGTAL DECEPTION SURVEY, WHERE WE WENT OUT AND TALKED TO TWEENS AND TEENS ABOUT THEIRONLINE HABITS AND ABOUT THE DEVICES THAT THEY USE SUCH AS TABLETS AND SMART PHONES.

HERE'SWHAT WE LEARNED.

THE BIG THING? KIDS ARE ONLINE TWICE AS MUCH AS THE PARENTS THINK THEY ARE.

ALSO, THEIR TAKING MEASURES TO PUT VERY PERSONAL INFORMATION OUT ABOUT THEMSELVES ONLINE ANDALSO TAKING PROACTIVE MEASURES TO KEEP PARENTS IN THE DARK ABOUT WHAT THEY'RE DOING.

SO, THEIR BEING SLICK AND YRYING TO FOOL US IS WHAT YOU'RE SAYING (LAUGHS).

THAT'S A TEEN FOR YOU, RIGHT? UM, BUT THE OTHER THING THE MOST CONCERNINGTHING THAT I FOUND FROM THE STUDY WAS THE FACT THAT THESE TEENS AND TWEENS ALREADY AREHAVING NEGATIVE ONLINE EXPERIENCES IN THE FORM OF CYBER BULLYING OR OTHER CYBER THREATSAND THINGS LIKE THAT, AND YOU KNOW, ALL OF THIS DATA LED MCAFEE TO CREATE A NEW PRODUCTTHAT WE CALL MCAFEE LIVE SAFE.

I THINK I LOVE THAT BECAUSE ONE OF THE THINGSFOR ME AS A PARENT I WILL DO ANY AND EVERYTHING TO PROTECT MY CHILDREN IN THE PHYSICAL WORLD.

YES.

IT'S A LITTLE MORE DIFFICULT TO DO IN THECYBER WORLD, WHAT CAN WE DO TO PROTECT OUR FAMILY?WELL, I THINK TWO THINGS COME TO MIND, THE FIRST IS HAVE CONVERSATIONS WITH YOUR TWEENSAND TEENS, MAKE SURE YOU START THAT DIALOGUE AND AS A PARENT MAKE SURE THAT YOU'VE GOTTHAT AWARENESS AS FAR AS HOW YOUR TEENS ARE ENGAGING ONLINE AND WHAT TECHNOLOGIES THEY'REREALLY USING.

I ALSO LIKE TO REMIND PARENTS, THOUGH, THAT YOU HAVE TO HAVE SECURITY ONEVERY SINGLE DEVICE THAT THEY'RE GOING TO USE.

IF IT'S A TABLET, IF IT'S A SMART PHONE,WHETHER THEY'RE USING IT FOR FIVE MINUTES A DAY, OR FIVE HOURS A DAY, IT ABSOLUTELYHAS TO HAVE SUCURITY.

THE THING AS ADULTS THAT WE KNOW IS WE ALL HAVE GOT DIGITAL FOOTPRINTS,EVERY TIME WE PUT SOMETHING OUT OR PUT A POST ON FACEBOOK OR TWITTER OR ENGAGE WITH THEINTERNET IN ANY WAY, OUR DIGITAL FOOTPRINT GROWS.

BUT GUESS WHAT? OUR TWEENS AND TEENSARE ALSO STARTING THEIR DIGITAL FOOTPRINTS AND IT'S REALLY IMPORTNAT TO PROTECT THATFOOTPRINT FROM EARLY ON.

I THINK IT'S INTERESTING BECAUSE THEY DON'TKNOW WHAT WE KNOW ABOUT THAT DIGITAL FOOTPRINT, SO WE MAY BE MORE CAREFUL IN TERMS OF WHATWE PUT ONLINE THAT MAY BE TWEENAGERS AND TEENAGERS DO WHO DON'T KNOW.

SO, WHEN IT COMES TO SECURITYSOFTWARE, THEN WHAT FEATURES ARE MOST IMPORTANT? WELL, THE FIRST THING IS A SECURITY FEATURETHAT ALLOWS YOU TO PUT SECURITY ON EVERY DEVIE THATS IN YOUR HOUSEHOLD.

WE CALL THAT UNLIMITEDDEVICE COVERAGE.

WHEN YOU BRING A NEW DEVICE INTO YOUR HOME, YOU DON'T WANT TO HAVE TOWORRY ABOUT GOING OUT AND BUYING A NEW SOFTWARE SECURITY PACKAGE TO PUT ON IT, YOU JUST WANTA SECURITY PROGRAM THAT YOU CAN DEPLOY TO THAT DEVICE AS SOON AS YOU BRING IT IN THEHOME.

NOW, FOR OUR KIDS AND OUR TWEENS, ONE OF THE MOST IMPORTANT FEATURES THAT YOU CANHAVE IS SOMETHING CALLED PARENTAL CONTROLS.

OKAY.

THIS IS GOING TO ALLOW YOU TO TRACK INTERNET USAGE, MONITOR THE SITES THEY GO ON AND IT'SALSO GOING TO ALLOW THOSE TWEENS AND KIDS TO KNOW IF THEY'RE ABOUT TO GO TO A GOOD SITEOR MAYBE A NOT SO GOOD SITE.

FOR OUR TEEN SET, THE BIG THING IS A COUPLE OF THINGS;OUR TEENS ARE USING TABLETS AND SMART PHONES MORE AND MORE, AND GUESS WHAT? THEY GET LOST,THEY GET STOLEN.

UM HMM.

SO, HAVING A FEATURE THAT ENABLES YOU TO LOCATE, LOCK AND WIPE THE DEVICE, SHOULD IT BECOMELOST OR STOLEN, IS ABSOLUTELY CRITICAL.

SO STACY, IN ALL HONESTY, IS THERE A WAY THATWE AS PARENTS CAN KIND OF BE THAT SOFTWARE EXPERT AND TRULY PROTECT OURSELVES AND OURFAMILIES? THE ANSWER, DANIELLE, IS NO.

PARENTS DON'TNEED TO BE SOFTWARE EXPERTS, MCAFFEE IS THE SOFTWARE EXPERT.

LET US DELIVER THAT EXPERTISETO YOU, BUT IT IS ABSOLUTELY POSSIBLE FOR YOU TO PROTECT YOUR FAMILY WITH A GREAT PRODUCTWITH EASY TO USE FEATURES AND THAT'S MACAFEE LIVE SAFE.

JUST ABOUT TEN SECONDS LEFT, WHAT ARE THE MOST IMPORTANT THINGS THAT WE NEED TO REMEMBERWHEN IT COMES TO OUR KIDS ONLINE SAFETY? HAVE THE CONVERSATION AND BE AWARE ABOUT WHATYOUR TWEENS AND TEENS ANRE DOING ONLINE, HAVE SOME SECURITY ON EVERY SINGLE DEVICE THATTHEY MIGHT BE USING AND MAKE SURE THAT IT'S GOT THOSE CRITICAL FEATURES LIKE PARENTALCONTROLS AND AVAILABILITY TO LOCATE, LOCK AND WIPE, AND I JUST WANT TO POINT OUT THATOUR MCAFEE LIVE SAFE PRODUCT HAS ALL OF THAT.

AND YOU KNOW THEY'LL HATE US NOW BUT THEY'LLTHANK US LATER.

ABSOLUTELY.

I TELL MY KID THAT ALL THE TIME (LAUGHS).

THANK YOU SO MUCH STACY FOR COMING BY, GREATINFORMATION.

THANK YOU.

AND IF YOU'D LIKE TO PROTECT YOUR FAMILY VISIT THE FOLKS OVER AT MCAFEE BY GOING TO LIVESAFE.

COM,THAT'S LIVE, L-I-V-E SAFE DOT COM.

OH, AND DON'T FORGET TO VISIT US ON FACEBOOK, SHARENY OF YOUR INTERNET STORIES OR DIGITAL CONCERNS.

THATS FACEBOOKBALANCINGACTFANS.

Source: Youtube

Eagle Investment Systems: Ensuring Software Quality & Security with Coverity

Eagle Investment Systems is a financial servicestechnology firm.

Our objective is to help our customers to grow their assets efficiently.

We provide data management, accounting and performance solutions to a global client baseand as a result of being wholly owned by BN MELLON? we can offer a number of differentservices from either an on premise solution to a secure private cloud one to a full businessoutsourcing capability.

We wanted to take a holistic view of our SDLC,of our software development lifecycle.

We wanted to work with vendors that were industryexperts, best of breed technologists in their spaces.

Piece those together to really enhancea quality program around how we release software to the marketplace.

And we felt some of thecapabilities and checkers that Coverity provided gave us that.

Working with Coverity duringthat proof of concept, we were very, very impressed by the comprehensive and in-depthnumber of checkers that were available to us for our C++ code.

We were also really impressedby the access to some of the senior engineers that would work with us on a one on one basisto understand how the tool worked and how we can use it to drive our efficiency.

It was a tool built by developers, for developers.

So what that really meant was that we couldcontinue to maintain a good, healthy environment around development but at the same time ensurethat the developers were managing their own quality defects.

One of the things that wereally liked about the Coverity application was its alignment to the CWE, the Common WeaknessEnumeration library.

It helped us in terms of explaining the types of defects to notjust our engineering staff, but our services and support teams.

We have two implementation strategies for how we leverage Coverity.

The first is reallyensuring that there are no new defects in the application.

So as we're doing daily builds,our engineers are getting informed of defects or software coding flaws as early on in thecycle as possible.

The second piece is really around managing defect density and managingtechnical debt.

So if there's an error in our application where we feel we need to focusattention on, we shift resources into that area and drive down the defect density onthat particular subject.

Application security is a key discipline within a software developmentlifecycle, especially as we deliver our software through Eagle Access, our secure private cloud.

A recent extension of our use of Coverity has included checks on the C# code.

And whatthat allows us to do it help our engineers understand common vulnerabilities using theCWE libraries, as well as the OWASP libraries.

So Eagle's an Agile R&D shop.

A couple ofthings that we do and how plug Coverity into them is we build our software at least oncea day.

So what that means is as our engineers get Coverity defect feedback every morning,so whether it's the offshore guys or the onshore team, they're able to evaluate any flaws thatthey may have introduced into the previous day's development.

Quality is crucial to our business.

Our clients rely on our solutions every single day topower their investment decisions.

Really the ROI for us was being able to identify issuesearlier in the lifecycle.

It's fairly well known that the longer that a defect continuesdown that software development lifecycle and literally ends up into production, the morecostly it is for a firm.

What we wanted to do was identify as many of those issues aspossible, as early in the process as possible, so that we can continue to drive efficienciesand continue to deliver quality to our customers.

Source: Youtube