Analysts at Gartner are predicting a steady increase in managed security services as companies look to outsourcing as a way to cut costs. In this edition of Security Squad, we discuss the issues that result from outsourcing security services. We also discuss the sudden increase of SQL injection attacks and whether developers are using more secure software coding techniques.
Managed security services, SQL injection attacks
-
Download MP3 or press play
- (1:15) Some vendors are offering their security products as software-as-a-service options.
- (3:17) Gartner analysts tout managed security services.
- (4:15) What are the problems with outsourcing security when the software is not within the confines of the company systems?
- (8:29) Do regulations such as PCI cover managed security services?.
- (9:44) Researchers have been tracking a wave of SQL injection attacks. Why are attackers using old methods?
- (12:37) All it takes is a coding error. Online payment service, PayPal was the victim of a SQL injection attack.
- (13:11) Why do security researchers such as Gary McGraw yawn when they hear SQL injection?
- (15:45) Gary McGraw offered up a positive view of secure software coding.
- (17:42) Are we ever going to see a seal of approval on products guaranteeing the secure coding?
- (19:34) If more software is sold as a service, could that enable vendors to guarantee the security?