Web Application Firewalls: More than just a compliance checkbox?
The discussion on whether Web Application Firewalls (WAFs) make a good application security control is still very much alive. Some consider it a highly effective control that satisfies PCI-DSS, while others do not believe it is at all a useful replacement of, or addition to software (code) review. Although it is indeed no substitute for well-designed and -built software, the capabilities of a modern WAF generally go beyond basic bug protection and may realize value even for those organizations that have existing software security capabilities. This presentation will explore pros and cons of WAF capabilities, how these may be utilized to enhance the application architecture, and what the future may bring for WAF.
RecordedApr 16 200935 mins
Your place is confirmed, we'll send you email reminders
Anne Thomas Manes, VP & Research Director, Burton Group Research, Gartner, Inc.
Effective governance is a critical element in fostering a successful service oriented architecture (SOA) initiative. SOA governance directs the SOA initiative and helps ensure that it delivers value to the business. Unfortunately, numerous interviews with Burton Group clients reveal that many organizations don’t know which aspects of the SOA initiative to govern or how best to govern them. This session presents a framework for developing a SOA governance program.
Richard Jones VP & Service Director at Burton Group
Server virtualization has matured to the level of enterprise production deployment resulting in increased complexity as it is integration into the enterprise data center environment. Mission critical workloads are being deployed in virtual environments in order to gain the flexibility and cost savings that server virtualization affords, however, these workloads demand enterprise level management and tight security controls that have heretofore not been required of virtual environments. In this presentation, Burton Group’s Data Center Strategies Service Director Richard Jones will walk through the trends and issues facing server virtualization as it finds its way into the production data center.
Successful Configuration and Change Management requires data from multiple sources. In addition to the configuration data that typically lives in the CMDB, to get a complete picture you must often pull together supplemental information about software applications. Information about software applications comes from diverse IT groups such as Operations, Security, Finance, Data Management, Help Desk, Project Management, and Enterprise Architecture. Each of these groups typically maintains a silo of their own information about software applications, which information could be quite valuable for Configuration and Change Management processes. You can’t force these groups to get rid of their own silos of information about software, so how can Configuration and Change Management processes use their data effectively? This presentation explains a case study in federating and harmonizing data about software applications from multiple silos.
Although it's been more than two years since the Supreme Court modified the Federal Rules of Civil Procedure (FRCP)--which greatly elevated the status of electronically stored information for court cases--most organizations are still struggling to get their arms around the critical elements of eDiscovery. Many security and compliance teams have spent their careers justifiably focused on protecting information’s confidentiality; ensuring data availability and discoverability is a whole new game. This talk will review the major snags and snarls caused by eDiscovery and present both a maturity model and industry trends around the impact of electronic discovery.
Eric Maiwald, Vice President and Research Director at Burton Group
Today’s workforce is increasingly on the move and enterprises must meet the demands for secure access to information systems to support new business models. No longer can the enterprise dictate what device the employee will use for access – devices may be enterprise owned but enterprises must also support employee-owned and even or public access devices. The mobile workforce also includes non-employees that perform valuable services for the organization, and need limited access to protected systems.
This talk will address:
• Use cases for mobile workers
• Technical solutions that may assist in managing the risk to the enterprise
• Deployment considerations that enterprises should take into account
Phil Schacter, Vice President and Research Director
Buron Group analysts consider the potential impact of an H1N1 pandemic on the IT organization, and identify steps that can be taken to support the organization by leveraging collaboration tools, data center automation, and an exoanded program of remote access by employees and partners. Issues related to how an organization manages identity, and secures endpoints and remote access will also be consodered.
After years of quiet, the productivity suite market is going through a rebirth, bolstered by new competitors (e.g., Google, IBM, ThinkFree, and Zoho), more price points (from free to several hundred dollars per user), more delivery models (e.g., software, SaaS, and software/SaaS), and a broader vision of functionality (content sharing and collaboration). In this TeleBriefing, Research Director Guy Creese rates vendor capabilities as well as their strategy and vision, delivering a market quadrant that will help enterprises understand their productivity suite options.
Burton Group has identified IT trends that will ultimately affect enterprise IT practices and strategy. The trends also bring business and technology stakeholders closer together, especially where pure economics drive enterprise IT decisions. IT professionals find themselves at a critical junction in the decade beginning in 2010.
CIO Executive Strategist Jack Santos with Ania Levy of Levy Legette
Join CIO Executive strategist Jack Santos as he discusses vendor management strategies with licensing expert Ania Levy of Levy Legette.
An expense strategy that works regardless of economic climate (good or bad) coupled with a growth in cloud-based IT makes supplier relationship skills a core competency for IT departments. Meanwhile, software vendors continue to make the licensing process unnecessarily complex, and both parties lack the lessons of experience to police and administer agreements.
Ms. Levy’s extensive experience with vendor negotiation, contract review, and software licensing will enable her to share with us her insights into the world of vendor and contract management.
Enterprises continue to consider ways to cut their IT costs by externalizing their IT functions, through software as a service (SaaS), cloud computing, and outsourcing. However, these strategies alone will not fulfill an enterprise’s compliance and profitability mandates. Enterprises are facing demands for regulatory transparency and for economic profitability. To meet these demands, enterprises will need to obtain better information from their existing information systems. An effective strategy for returning to economic growth and for satisfying regulatory requirements in 2010 must include data governance and competent data management.
In this brief webcast, senior analyst Chris Wolf highlights his expectations for the VMworld keynotes, along with his thoughts on where best to spend time in the Solutions Exchange and in the conference sessions.
Christopher Stallings, Marketing Communications Manager at Burton Group
Another Good Idea for Bad Times: Video!
Just in case you missed some Catalyst sessions or need to make sense of your less-than-legible notes, we've made all the sessions available with video, audio and slides. Presentations are available for streaming download. We'll explore the e-commerce web page and explain your options in purchasing Catalyst Conference sessions.
Burton Group will showcase its early work on internal cloud hardware infrastructure as a service (HIaaS) reference architecture on Wednesday July 29th at Catalyst North America. In this webcast, senior analyst Chris Wolf provides additional details on the top-level HIaaS reference architecture, and highlights key architectural elements such as the virtual data center, cloud OS, virtual and physical infrastructure, external cloud connector, internal cloud management, and enterprise management.
Details of Burton Group’s internal cloud reference architecture - the result of extensive vendor and customer collaboration.
A special focus on the growing list of management pitfalls, troubleshooting complexity, future management trends, and practical advice on what can be done today to effectively manage the virtual infrastructure.
Dissection of vendor hype and an emphasis on architecture and steps to take now to optimize virtual infrastructure operations and management.
In modern enterprises, data silos are hampering vital work at all levels of the organization. Data silos inhibit the flow of information to the businesspeople who carry out the enterprise’s mission.
Methodology for Overcoming Data Silos (MODS) projects are data management projects that are ideal for today’s IT environment: inexpensive, low-risk projects that deliver compelling results for the business.
Lori Rowland, Senior Analyst & Bob Blakley, VP and Research Director
The April 20th announcement that Oracle is acquiring Sun Microsystems sent huge shockwaves through the IT marketplace. This is particular true of the identity management (IdM) market in which there is significant overlap between the two vendors’ offerings. Customers are concerned about their IdM investments and are eager to learn what the combined product roadmap has in store. Many Sun/Oracle customers must make product selection decisions during the quiet period for the acquisition – they can’t stop their businesses until the product roadmap is released. In this BrightTalk presentation, Burton Group Sr. Analyst Lori Rowland and Vice President and Research Director Bob Blakley will discuss the potential impact of the acquisition on IdM customers and advise organizations on steps they should take today to ensure the best possible outcome.
Michael Disabato, Vice President and Service Director at Burton Group
The Information Technology Infrastructure Library (ITIL) version 3 moves this set of best practices from alignment with the business process to integration with business functions at all levels. In this presetation, Burton Group Network and Telecom Strategies Service Director Michael Disabato will discuss the difference between version 2 and version 3, how this affects current ITIL implementations, and the impact on an organization.
Enterprise SaaS e-mail is an early sign of change coming to IT organizations that enable the challenges of deploying to cloud based platforms. Now is the time for enterprises to examine their e-mail needs and what they are presently spending on e-mail and identify the constraints of moving to SaaS offerings. As part of any evaluation, enterprises need to allocate time for both technical and vendor due diligence covering identity management, security, risk management, networking, and application development requirements that meet the business’s technical needs. This webcase outlines Burton Group proposed approach to assist enterprises in avoiding roadblocks and understand a hybrid or fully hosted email environment.
Anne Thomas Manes Vice President and Research Director at Burton Group
Many service oriented architecture (SOA) initiatives have stalled or failed. And prospects for SOA look bleak in 2009. Most organizations have cut funding for their SOA initiatives. Except in rare situations, SOA has failed to deliver its promised benefits. It's time to face reality: the term "SOA" now carries too much baggage. It's time to declare that SOA is dead and move on to the more practical matter of bringing up its offspring. SOA's untimely demise is tragic, but, fortunately, many aspects of SOA live on-particularly in the form of services. Services provide the fundamental building blocks that enable software as a service (SaaS), cloud computing, and business process management (BPM). This Catalyst track will examine the myths and misconceptions that derailed SOA efforts, provide guidance for salvaging value, and supply actionable direction for future efforts.
Face it. Your SOA initiative has failed. So where do you go from here?
Burton Group provides in-depth, IT research and advisory services to executives and technologists at Global 2000 organizations. Focused on strategic business technologies and the unique needs of enterprise organizations, Burton Group provides clients company-wide access to its world-renowned analysts and a suite of powerful, intuitive research and decision support tools unmatched in the industry. www.burtongroup.com