Partial Bibliography

I’ve written a whole lot of stuff. At some point I made a partial bibliography of the technology stuff.

Cyber Crime

Gragido, W; Molina, D; Pirc, J; Selby, N (2012) Blackhatonomics: An Inside Look At The Economics of Cybercrime Syngress, Boston.

Data Loss Prevention

Selby, Nick. 2008. Mind The Data Gap. New York: The 451 Group. Print.

Selby, N. 2009. [Online] Safend, building out its DLP portfolio, updates Encryptor. New York: The 451 Group. 5 Jun 09.

Selby, N. 2009. [Online] GuardianEdge, with 60% bookings growth, approaches a turning point. New York: The 451 Group. 8 May 09.

Selby, N. 2009. [Online] Fidelis announces XPS 5.2 with scanning within local network, and a granted US patent. New York: The 451 Group. 22 Jan 09.

Selby, N. 2009. [Online] Unmitigated chutzpah or the next big thing? BitArmor guarantees against breach. New York: The 451 Group. 21 Jan 09.

Selby, N. 2009. [Online] CA swoops in on Orchestria to connect the dots between data and identity. New York: The 451 Group. 6 Jan 09.

Selby, N. 2008. [Online] Not to be outdone by EMC/Microsoft, McAfee and Liquid Machines join forces in DLP/IRM. New York: The 451 Group. 11 Dec 08.

Selby, N. 2008. [Online] Microsoft licenses EMC data classification kit for Active Directory Rights Management. New York: The 451 Group. 5 Dec 08.

Selby, N. 2008. [Online] Code Green launches TrueDLP, an enterprise-class anti-data-leakage offering. New York: The 451 Group. 7 Nov 08.

Selby, N. 2008. [Online] McAfee takes out Reconnex in a $46m deal that can set the DLP-acquisition bar low. New York: The 451 Group. 31 Jul 08.

Selby, N. 2008. [Online] With good income and a pocket full of euros, Utimaco is going shopping. New York: The 451 Group. 10 Jul 08.

Selby, N. 2008. [Online] Dan Geer becomes In-Q-Tel’s CISO, will continue as Verdasys’ chief scientist emeritus. New York: The 451 Group. 29 May 08.

Selby, N. 2008. [Online] Fidelis and Verdasys team for agent- and network-based anti-data-leakage. New York: The 451 Group. 5 May 08.

Selby, N. 2008. [Online] Varonis expands its flavor of data governance to Unix systems. New York: The 451 Group. 29 Feb 08.

Selby, N. 2008. [Online] Vericept quietly builds out anti-data-leakage business after management restart. New York: The 451 Group. 4 Jan 08.

Selby, N. 2008. [Online] Orchestria evolves into full-blown hybrid anti-data-leakage tool. New York: The 451 Group. 16 Jan 08.

Selby, N. 2008. [Online] After the story leaks, RSA acknowledges. New York: The 451 Group. 8 Jan 08.

Selby, N. 2007. [Online] Symantec and Vontu finally tie the knot for $350m; who’s next to go in ADL?. New York: The 451 Group. 5 Nov 07.

Selby, N. 2007. [Online] Trend Micro continues ADL consolidation, takes out itsy-bitsy Provilla. New York: The 451 Group. 25 Oct 07.

Selby, N. 2007. [Online] Code Green Networks saws off the shotgun for bigger spread at its sweet spot. New York: The 451 Group. 10 Oct 07.

Selby, N. 2007. [Online] Raytheon could tell you what it paid for Oakley, but then it would have to kill you. New York: The 451 Group. 25 Sep 07.

Selby, N. 2007. [Online] EMC’s RSA moves to fill anti-data-leakage gap with purchase of Tablus. New York: The 451 Group. 9 Aug 07.

Selby, N. 2007. [Online] After years of mostly organic growth, endpoint security firm GFI takes on North America. New York: The 451 Group. 25 Jul 07.

Selby, N. 2007. [Online] Check Point’s Pointsec earns FIPS 140-2 certification for Protector, crypto module. New York: The 451 Group. 17 Jul 07.

Selby, N. 2007. [Online] Data leakage: technical or HR problem? 42 vendors think they know the answer. New York: The 451 Group. 2 Jul 07.

Selby, N. 2007. [Online] Fidelis 4.0 expands management console workflow and adds a Milter-based mail agent. New York: The 451 Group. 28 Jun 07.

Selby, N. 2007. [Online] Safend, nearing breakeven, considers a funding round in 2008 and announces Lenovo deal. New York: The 451 Group. 22 Jun 07.

Selby, N. 2007. [Online] PatchLink goes serial with acquisition of whitelisting vendor SecureWave. New York: The 451 Group. 22 Jun 07.

Selby, N. 2007. [Online] Websense, expanding its data-leakage offering, takes out SurfControl for $400m. New York: The 451 Group. 4 May 07.

Selby, N. 2007. [Online] Chronicle’s ADL ties users to documents. New York: The 451 Group. 3 May 07.

Selby, N. 2007. [Online] Check Point earnings off 25%, but acquisitions and R&D in hot spaces show promise. New York: The 451 Group. 27 Apr 07.

Selby, N. 2007. [Online] Bluefire announces Symantec OEM deal; may seek strategic funding in 2007. New York: The 451 Group. 23 Jan 07.

Selby, N. 2007. [Online] Anti-data-leakage vendor Tablus inks VeriSign PCI deal. New York: The 451 Group. 22 Feb 07.

Selby, N. 2007. [Online] McAfee launches anti-data-leakage product based on Onigma acquisition. New York: The 451 Group. 16 Feb 07.

Selby, N. 2007. [Online] DB security vendor Imperva releases Scuba, a free database vulnerability scanner. New York: The 451 Group. 6 Feb 07.

Selby, N. 2007. [Online] On the back of strong growth, anti-data-leakage vendor Vontu adds an endpoint agent. New York: The 451 Group. 31 Jan 07.

Selby, N. 2007. [Online] Guardium updates core modules, launches Change AuditGuard. New York: The 451 Group. 26 Jan 07.

Selby, N. 2007. [Online] Verdasys bolsters its application monitoring capabilities. New York: The 451 Group. 16 Jan 07.

Selby, N. 2007. [Online] Websense solidifies its ADL play with $90m PortAuthority swoop. New York: The 451 Group. 5 Jan 07.

Selby, N. 2006. [Online] Like McAfee, Symantec will address data leakage through acquisition. New York: The 451 Group. 27 Oct 06.

Selby, N. 2006. [Online] McAfee fires president, and CEO quits, then it buys ADL vendor Onigma for $20m. New York: The 451 Group. 20 Oct 06.

Selby, N. 2006. [Online] Reconnex, emerging from shakeup, prepares for a relaunch. New York: The 451 Group. 8 Sep 06.

Selby, N. 2006. [Online] SanDisk buys msystems for $1.5bn, boosting its position in NAND flash market. New York: The 451 Group. 4 Aug 06.

 

Selby, N. 2005. [Online] M-Systems’ Xkey Shield provides USB media security management. New York: The 451 Group. 23 Nov 05.

 

Penetration Testing and Vulnerability Analysis

Crawford, S. and Selby, N. 2010. [Online] It92s the Adversaries who are Advanced and Persistent. ThreatPost. January 26, 2010. [Available: http://bit.ly/cXbW96]

Selby, N. 2009. [Online] The Penetration Testing Marketplace in 2010. ThreatPost. December 1, 2009. [Available: http://bit.ly/cyVNfH]

Selby, N. 2009. [Online] Reloading Risk Back Onto The Utilities. FudSec.com. November 26, 2009. [Available: http://bit.ly/54DWgg]

Selby, N. 2009. [Online] Losing the Echo Chamber in the Critical Infrastructure Security Debate. ThreatPost. November 18, 2009. [Available: http://bit.ly/9e8BCt]

Naraine, R & Selby, N. 2009. [Online, multimedia] Trident Risk Management’s Nick Selby on Metasploit and Rapid7. The Big Story podcast with Ryan Naraine, ThreatPost. October 22, 2009 [Available: http://bit.ly/a40m6H]

Selby, Nick. 2008. Mind The Data Gap. The 451 Security Quarterly New York: The 451 Group. Print.

Selby, Nick. 2007. Sector View: Current Security Trends and Developments. The 451 Security Quarterly New York: The 451 Group. Print.

Selby, Nick. 2009. [Online] Immunity’s Canvas releases Cloudburst, allowing breakout from guest OS. New York: The 451 Group. 6/4/2009.

— 2009. [Online] Immunity, growing fast and profitably, expands reach through partnerships. New York: The 451 Group. 3/19/2009.

— 2009. [Online] Core Security, with Impact at version 8 and customers above 800, hits its stride. New York: The 451 Group. 2/6/2009.

— 2009. [Online] With a longer runway than it expected, Cenzic hits rotation speed. New York: The 451 Group. 2/3/2009.

— 2008. [Online] With new funding, Palamida moves toward vulnerabilities in open source code. New York: The 451 Group. 12/5/2008.

— 2008. [Online] nCircle updates its approach with Suite360 and a Web app scanner. New York: The 451 Group. 11/20/2008.

— 2008. [Online] WhiteHat builds out cross marketing with F5 and expands training. New York: The 451 Group. 11/7/2008.

— 2008. [Online] Core, claiming profits, hires former Sophos North America president as new CEO. New York: The 451 Group. 3/12/2008.

— 2008. [Online] Mu Security’s gains in SCADA, network equipment manufacturing push it past fuzzing. New York: The 451 Group. 3/6/2008.

— 2007. [Online] WhiteHat Security, reporting significant growth, doubles headcount. New York: The 451 Group. 12/10/2007.

— 2007. [Online] Core’s Impact 7.5 and Grasp focus on Web application security. New York: The 451 Group. 10/16/2007.

— 2007. [Online] Legal settlement forces Cenzic and HP (SPI) to play nice and share. New York: The 451 Group. 10/3/2007.

— 2007. [Online] Cenzic looks to mold itself into an acquisition target, starting with Hailstorm 5.0. New York: The 451 Group. 7/19/2007.

— 2007. [Online] Core Security loses flash and substance 96 CEO and product manager 96 in shakeup. New York: The 451 Group. 7/18/2007.

— 2007. [Online] Gleg acquires Argeniss’ zero-day exploit update pack. New York: The 451 Group. 7/12/2007.

— 2007. [Online] HP takes out SPI Dynamics in latest Web application security acquisition. New York: The 451 Group. 6/22/2007.

— 2007. [Online] IBM buys Watchfire, brings Web application penetration testing to the Rational line. New York: The 451 Group. 6/8/2007.

— 2007. [Online] Profitable SPI Dynamics launches Phoenix and WebInspect 7.0. New York: The 451 Group. 2/1/2007.

— 2007. [Online] Sabre Security, with a 80100,000 tech prize, expands BinNavi and VXClass. New York: The 451 Group. 1/18/2007.

— 2007. [Online] Profitable Watchfire releases AppScan Reporting Console and AppScan 7.0. New York: The 451 Group. 1/9/2007.

— 2007. [Online] Core 6.2 adds enhanced encryption, authentication and shell access to exploited hosts. New York: The 451 Group. ½/2007.

— 2006. [Online] Metasploit completes license change, updates pen-test platform. New York: The 451 Group. 8/2/2006.

— 2006. [Online] Immunity integrates Spike, launches VisualSploit and builds out its partner program. New York: The 451 Group. 7/21/2006.

— 2006. [Online] Beyond Security launches beStorm vulnerability assessment software. New York: The 451 Group. 4/17/2006.

— 2006. [Online] Emerging from stealth, Mu Security launches a commercial-grade fuzzing appliance. New York: The 451 Group. 4/5/2006.

— 2005. [Online] Cenzic releases version 3.0 of its Hailstorm Web application pen tester. New York: The 451 Group. 12/15/2005.

— 2005. [Online] Immunity takes an open source approach to penetration testing. New York: The 451 Group. 11/30/2005.

— 2005. [Online] Core Security’s Impact brings pen testing in-house to network admins. New York: The 451 Group. 11/29/2005.

Security Information and Event Management

Selby, N (2009) Enterprise Security Information Management. New York: The 451 Group.

Selby, N (2006) ESIM: Security Information Management Moves Upstream. New York: The 451 Group.

Selby, N. (June 10, 2009) [Online]. Decurity, with some flagship accounts under its belt, branches out. New York: The 451 Group

— (June 4, 2009) [Online]. Vigilant launches Fulcrum, a config library to scale its ESIM deployment chops. New York: The 451 Group

— (June 2, 2009) [Online]. LogLogic extends its series D by $8.8m, bringing total raised to $58.8m. New York: The 451 Group

— (June 1, 2009) [Online]. ArcSight launches ArcSight Express and announces a Cisco partnership. New York: The 451 Group

— (May 1, 2009) [Online]. New trends in enterprise security information management, 05/01/09. New York: The 451 Group

— (April 22, 2009) [Online]. LogLogic buys Exaprotect to shore up its total ESIM/log management story. New York: The 451 Group

— (March 13, 2009) [Online]. RSA’s enVision 4.0 targets smarter sourcing of event data and better reporting. New York: The 451 Group

— (March 5, 2009) [Online]. ArcSight nails another quarter 96 has it yet felt the pain of recession?. New York: The 451 Group

— (February 17, 2009) [Online]. LogLogic and Exaprotect join forces for converged ESIM and log management. New York: The 451 Group

— (February 17, 2009) [Online]. netForensics buys High Tower assets. New York: The 451 Group

— (January 23, 2009) [Online]. ESIM vendor eIQnetworks closes $10m series A funding from Venrock. New York: The 451 Group

— (December 12, 2008) [Online]. With one hand firmly gripping its BatBelt, Splunk markets to the C-level. New York: The 451 Group

— (December 9, 2008) [Online]. ArcSight hits profitability and positive cash flow 96 now to keep it up. New York: The 451 Group

— (November 14, 2008) [Online]. Q1 Labs, extending upselling success of SLIM, launches QRadar SLIM-Free Edition. New York: The 451 Group

— (November 7, 2008) [Online]. ArcSight Logger 3 captures faster, reports better and increases onboard storage. New York: The 451 Group

— (September 23, 2008) [Online]. eIQnetworks hires a new president, fires channel and a low-cost product line. New York: The 451 Group

— (July 30, 2008) [Online]. Government hunting is so happy for Tier-3 that it’s breaking out its product lines. New York: The 451 Group

— (July 11, 2008) [Online]. Inspekt Security launches behavioral and security event analysis service. New York: The 451 Group

— (June 10, 2008) [Online]. Mazu can see clearly now; 8.1 targets network ops as much as security. New York: The 451 Group

— (April 7, 2008) [Online]. EMC and RSA integrate enVision and VoyenceControl. New York: The 451 Group

— (February 6, 2008) [Online]. Alert Logic, in new Houston digs, launches on-demand grid-hosted log management. New York: The 451 Group

— (January 30, 2008) [Online]. eIQnetworks, stepping up its competitive heat, launches SecureVue appliance. New York: The 451 Group

— (January 28, 2008) [Online]. In an aggressive counter to Cisco, Q1 Labs cuts OEM deals with Nortel and Juniper. New York: The 451 Group

— (December 17, 2007) [Online]. Extending its Logger functionality, ArcSight launches Log Management Suite. New York: The 451 Group

— (December 6, 2007) [Online]. TriGeo launches Splunk integration, adds more PCI punch to its SEM. New York: The 451 Group

— (November 27, 2007) [Online]. Mazu Networks continues NOC-SOC intermediary push with Profiler 8. New York: The 451 Group

— (November 14, 2007) [Online]. To make a huge managed security play, what will Cisco buy?, 11/14/07. New York: The 451 Group

— (November 12, 2007) [Online]. eIQnetworks launches SecureVue 3.0, adding flow and GRC to its enterprise ESIM. New York: The 451 Group

— (November 5, 2007) [Online]. Q1 Labs’ SLIM gets log management foot in the door, then goes for ESIM gusto. New York: The 451 Group

— (October 1, 2007) [Online]. ArcSight’s latest feature-based upgrade targets PCI monitoring. New York: The 451 Group

— (September 13, 2007) [Online]. After hinting for three years, ArcSight files for an IPO; uh, does it earn money?, 09/13/07. New York: The 451 Group

— (September 12, 2007) [Online]. ArcSight’s S-1 reveals big revenue, persistent losses and a compliance ding. New York: The 451 Group

— (June 28, 2007) [Online]. With Solsoft integration nearly complete, Paris-based Exaprotect moves west, 06/28/07. New York: The 451 Group

— (June 26, 2007) [Online]. With network operations in mind, Mazu Networks and eIQnetworks partner. New York: The 451 Group

— (June 7, 2007) [Online]. eIQnetworks announces SecureVue 2.5 and licensing deal with Huawei-3Com. New York: The 451 Group

— (June 4, 2007) [Online]. Tier-3’s ESIM and anomaly detection targets network threats and fraud. New York: The 451 Group

— (May 25, 2007) [Online]. Clavister adds ESIM to its unified threat management platform. New York: The 451 Group

— (May 21, 2007) [Online]. With 4.0, ArcSight hopes ESM will move toward enterprise-wide relevance. New York: The 451 Group

— (May 15, 2007) [Online]. Seeking to widen its appeal outside security, LogLogic announces new features. New York: The 451 Group

— (April 12, 2007) [Online]. With new partners and management, SenSage raises $5m in series D funding. New York: The 451 Group

— (February 12, 2007) [Online]. TriGeo’s 4.0 combines network anomaly detection and service management. New York: The 451 Group

— (February 8, 2007) [Online]. eIQnetworks releases SecureVue, an aggressive up-stack move toward ITSM. New York: The 451 Group

— (December 8, 2006) [Online]. IBM buys Consul Risk Management to extend Tivoli Security Operations Manager. New York: The 451 Group

— (December 8, 2006) [Online]. Seven months on, Novell readies the next generation of e-Security ESIM, 12/08/06. New York: The 451 Group

— (December 4, 2006) [Online]. ArcSight moves the goalposts with Logger and Network Configuration Manager. New York: The 451 Group

— (November 27, 2006) [Online]. Intellitactics shifts from pure security to ESIM-based risk metrics. New York: The 451 Group

— (November 21, 2006) [Online]. Cambia and ArcSight play key security roles in HP-Mercury’s Universal CMDB. New York: The 451 Group

— (October 24, 2006) [Online]. LogRhythm 96 lean, mean and bootstrapped 96 takes new angel money, rolls out 3.5. New York: The 451 Group

— (October 18, 2006) [Online]. NitroSecurity plans new funding, prepares to launch NBAD/IPS/ESIM hybrid. New York: The 451 Group

— (October 13, 2006) [Online]. ExaProtect and Solsoft in an ‘acquisition by merger’. New York: The 451 Group

— (September 29, 2006) [Online]. SenSage-EMC deal brings SenSage from security into a new world of data management. New York: The 451 Group

— (September 28, 2006) [Online]. Consul morphs log collection and mining into a policy management play. New York: The 451 Group

— (September 25, 2006) [Online]. Q1 Labs upgrades device discovery, improves its UI and expands its channel. New York: The 451 Group

— (September 22, 2006) [Online]. EMC, its RSA buy approved, adds Network Intelligence for $175m. New York: The 451 Group

— (September 18, 2006) [Online]. EMC gets RSA shareholder nod, buys Network Intelligence for $175m. New York: The 451 Group

— (September 14, 2006) [Online]. TriGeo adds features, doubles customer count; can it keep that small-town charm?. New York: The 451 Group

— (September 12, 2006) [Online]. ArcSight releases ITP to bolster insider-threat claims, proposes CEF standard. New York: The 451 Group

— (August 25, 2006) [Online]. Will HP extend OpenView and OpenCall functionality into ESIM through M&A?, 08/25/06. New York: The 451 Group

— (August 18, 2006) [Online]. ArcSight launches Network Response Manager, extending reach into infrastructure. New York: The 451 Group

— (July 25, 2006) [Online]. With ESA 2.5, eIQnetworks is latest ESIM vendor to scrap relational databases. New York: The 451 Group

— (July 13, 2006) [Online]. Securify adds identity correlation and predefined rules to version 5.2. New York: The 451 Group

— (July 6, 2006) [Online]. Symantec shuns relational database event storage in its security event manager. New York: The 451 Group

— (June 26, 2006) [Online]. Claiming sales and product momentum, PatchLink looks for more partners. New York: The 451 Group

— (May 26, 2006) [Online]. ArcSight buys configuration and quarantine vendor Enira Technologies. New York: The 451 Group

— (May 11, 2006) [Online]. Self-funded LogRhythm releases version 3.0, then cautiously considers external funding. New York: The 451 Group

— (April 28, 2006) [Online]. AttachmateWRQ acquires NetIQ for $495m. New York: The 451 Group

— (April 21, 2006) [Online]. Novell buys e-Security to integrate identity management and security management. New York: The 451 Group

— (April 11, 2006) [Online]. Security information management approaches a fork in the road, 04/11/06. New York: The 451 Group

— (March 24, 2006) [Online]. Mazu claims new partners and doubled revenue. Is it next on Symantec’s hit list?) [Online]. TDM Target IQ, 03/24/06. New York: The 451 Group

— (March 22, 2006) [Online]. Splunk ventures into the cavernous maw of enterprise log data. New York: The 451 Group

— (March 13, 2006) [Online]. Q1 Labs plans out-of-the-box interoperability with Packeteer. New York: The 451 Group

— (February 6, 2006) [Online]. LogLogic releases version 3.2, beefs up compliance reporting. New York: The 451 Group

— (February 3, 2006) [Online]. ArcSight looks for NBAD, end-point configuration and policy management functions, 02/03/06. New York: The 451 Group

— (January 30, 2006) [Online]. ArcSight homes in on compliance-insight marketing. New York: The 451 Group

— (December 19, 2005) [Online]. eIQnetworks brings high-volume, low-cost ESIM to the enterprise masses. New York: The 451 Group

— (November 14, 2005) [Online]. Q1 Labs targets midrange enterprises with QRadar 5.0 release. New York: The 451 Group

— (November 11, 2005) [Online]. Intellitactics emphasizes executive reporting and horizontal scalability. New York: The 451 Group

— (November 10, 2005) [Online]. e-Security hones its workflow integration and event enrichment for ESIM. New York: The 451 Group

— (November 1, 2005) [Online]. Network Intelligence repositions and targets ESIM big game. New York: The 451 Group

— (October 28, 2005) [Online]. TriGeo happily targets low end and midrange of ESIM market. New York: The 451 Group

— (October 27, 2005) [Online]. SenSage emphasizes security event analytics over incident response. New York: The 451 Group

— (October 19, 2005) [Online]. With version 3.5, ArcSight targets insider threats, subtle attacks… and an IPO?. New York: The 451 Group