Bill Roth, Ulitzer Editor-at-Large


Latest Blogs from Bill Roth
LogLogic is the IT Data Management Company. But what is IT Data Management? We’ve put together a 90 video with our friends from Micro-Documentaries to explain what we think IT Data Management is all about. Let us know what you think.
One thing you can say about RSA is that they have some serious people for their keynotes. Last year, Secretary of the Department of Homeland Security Janet Napolitano spoke. Earlier this week, Deputy Secretary of Defense, William J Lynn III gave a talk on his view of the evolution ...
In a nearly full conference hall, the Tuesday morning RSA 2011 keynotes included talks from EMC, VMware and Symantec, and an all-star cryptography panel. The panel started with opening remarks by Ari Juels, Director of RSA Labs, who acted as moderator. The main theme was the ...
Last week I met with Dave, who used to run systems for one of the world’s largest and most successful financial firms. They have a $1bn+ IT budget and a huge amount of it is spent on storage. They’ve decided to shift at least some of their spending towards OpenSto...
The major theme of this year's RSA Conference is, guess what, security. This is the largest security show of the year, and it's clearly a big deal, since it covers both sides of the Moscone Center in San Francisco. As of 10 a.m. on Monday, preparations are still being made. The...
Nothing excites the national press like a royal wedding. As we all know, Prince William has proposed to Kate Middleton, and by all accounts they seem very happy together. We at LogLogic have a long history in the United Kingdom, and we’d like to make sure this blessed event goes off wi...
Happy Valentines people. Today we show love to the world of databases. We’ve just announced our Database Security Manager 4.1 refresh. Most of you out there, collect logs from all sorts of interesting places, and do really useful things with that information. It’s therefore a constant ...
Our very own Dimitri McKay was interviewed for the cover of SC Magazine. He’s so cool he didn’t even take his jacket off! The interview ranged wildly, covering compliance, trees, Justin Bieber, operational complexity, clouds, and Black Hat. We’re proud of you mate. Nice job.   ...
We are proud to present the very first FREE download from LogLogic! (Obviously we've had tech-previews and other stuff before, but this time, we're shipping the real deal!) A brand new MX-Virtual package bundled with Lasso Enterprise is available for download from our website. The do...
Over the next few posts, we’ll investigate how the expression “An ounce of prevention is worth a pound of cure” could also be applied to the IT world, and what are the tools to foster such prevention through behavior modification. When looking at IT security, it seems that most of the...
I’m spending an increasing percentage of my time finding great talent. And much of the rest of my time is spent motivating and organizing that team. And the better job we do at getting great people the less time we need to spend on making sure they are doing the right...
There is a new podcast on LogLogic.com about our recently released Compliance Manager 2.0. We sat down and talked with two LogLogic insiders, Chima Njaka, Director of Product Management for Compliance Manager, and Andy Morris, Director of Product Marketing. In this podcast, they talk a...
A friend sent over a link to the Lush Hack this morning. I immediately had 2 reactions. First, I love the title and the mental image it conjures up. Second, my reaction was right out of Saturday Night Live’s Weekend Update….Really!?! This breach should be embarrassing to Lush and any o...
We’ve talked about ‘panes of glass’, analytic engines, GUIs, compliance dashboards and so on. The flagship dashboard of our ‘Use’ technology is our Compliance Manager 2.0 software. We can use this to build extremely informative, accurate insight into your compliance stance, whether t...
Serendipity is one of those great words in the English language – I am not sure why – perhaps it's how it sounds & the flow of syllables, or perhaps just what it means which makes it so appealing – the act of finding or discovering things by accident. Most people love it when a sere...
How big is the demand for data storage? This is a little bit like asking - how smart do you want to be. Consider just a couple of cases where today’s aging, lock in based models are standing in the way of human progress. Start with telemetrics and related use cases. Read any t...
Our latest LogLogic Podcast is now live! In this edition you’ll hear interviews from Mark Goldenberg of Savvis, and veteran Network Security Manager Rich Popson on how they use LogLogic’s products (both SIEM and log management) to manage Cisco ASA and PIX products. To subscribe to our ...
We’re starting a series of webinars hosted by NexentaStor and users this year. We thought a great place to start was Stanford since our roots are in Stanford. We have benefited tremendously over the years from thoughtful feedback based upon a deep and broad understand...
This morning we sent out a press release on our 2010 results. It was a good year overall for us, with lots of accomplishments. But we also did a lot of building out. That is, putting things in place which have not seen the light of day...yet. “Even with this performance, I’d still say that...
As a child I was mesmerised by Star Trek (the original series of course) as I was fascinated by thinking about all the great gadgets we would have in the future. Now that that future has arrived I see communicators are an everyday reality with the advent of mobile phones, we also have ...
It's been a busy time here this January. We've had all our sales people in a room for 3 days for the big sales hoopla, with many of them heading off to Hawaii now for their 110% club award. We've actually launched TWO products (yes it is only January 18th) and we've another coming on Mon...
Today we have announced our membership in the Open Innovation Network; you can read the official announcement here. In this post I’d like to explain why we did so in a little more detail. 1. Increasing impact of OpenStorage and NexentaStor means predators may get annoye...
In my last post I discussed 5 of the top 10 drivers: exponential growth in demands, massive profitability for legacy storage vendors, hardware commoditization (and Sandy Bridge), Silent data corruption, and “developers, developers, developers and the cloud.” In thi...
Most predictions about the storage industry seem to be either in the weeds (“will FCOE take off - and what flavor?”) or driven by the most sensational news possible (“Cisco will buy EMC and Oracle will buy NetApp!”). This list strives to take a balanced v...
We were the first in our industry to publish an open API to our core functions, and we always tell our customers that if our UI doesn’t quite fit their corporate needs, they can easily build their own portal. So, we took a dose of our own medicine. Ladies and Gentlemen…I give you the L...
By Anton Chuvakin Starting from Requirement 1 “Install and maintain a firewall configuration to protect cardholder data” we see that it mentions that organizations must have “a formal process for approving and testing all external network connections and changes to the firewall configu...
By Anton Chuvakin The requirement itself is called “Track and monitor all access to network resources and cardholder data” and is organized under the “Regularly Monitor and Test Networks” heading in PCI DSS. The requirement is organized in several sections related to process, events ...
By Guy Churchward The past few weeks I’ve been convincing myself that an interesting, maybe even ‘thought provoking’ blog on the convergence of IT operations and security would be of value. The signs are definitely here, our clients talk about it, every analyst I meet asks me about it,...
Bill Roth I love information security stories in the mainstream press. They are often a generous amalgam of fear-mongering, misinformation, and technical ignorance. The truth is always buried somewhere under the headline, if it is even in the story at all. Consider two recent mainstrea...
This article is cross posted from Anton's blog simply because we think the more people that see it, the better. Thanks Anton. By Anton Chuvakin. Once upon a time, I was retained to create comprehensive PCI DSS-focused log review policies, procedures and practices for a large compan...
I read a story today in eWeek about sidejacking and FireSheep. The headline read “Firesheep and Sidejacking Not Just a WiFi Problem”. First, it is important to know that I love “portmanteaus”, or made up words. So, the headline was a twofer, and was as exciting as it was incomprehensib...
We’re holding a webinar on the challenges faced by companies who have to make changes to their business operations due to compliance issues. For IT departments, the pressure to deliver a secure IT infrastructure against a background of constantly changing compliance and regulato...
Among other things, PCI DSS mandates creating system logs and reviewing them from all systems in scope for PCI compliance. One should always remember that log collection and review are also critical for good security operations and incident response. In this article, we will focus on o...
Woohoo, it’s officially international Beatles day over at Apple. To spread the joy we’re giving away all 256 items that make up the Beatles Box Set over on iTunes.   All you’ve got to do is answer 7 easy PCI related questions and your name will be placed in the draw. One lucky win...
I have a love/hate relationship with trade shows. On the one hand, I love them. I love meeting customers and prospects, and I love the shameless boosterism that it entails. On the other hand, as someone who has to manage to a budget and deliver ROI, I hate them. The ROI never works out...