Posts by Tom Spitzer

References for Data Security talk

This is a list of references I have assembled for the talks on Data Security that I am presenting at XPlor17, Enterprise Data World, and Data Summit this spring: Intel Security – Grand Theft Data CyberCriminals and their APT and AVT Techniques InfoSec Institute: Anatomy of an APT Attack: Step by Step Approach Forrester: Transform Your Security Architecture And Operations For The Zero Trust Ecosystem Forrester: The Future Of Data Security And Privacy: Growth And Competitive Differentiation Forrester Wave: Data Loss Prevention Suites Q4, 2016 Data Guardian’s Definitive Guide to Data Loss Prevention Guide to Cyber Threat Hunting (Digital Guardian) Read More

Categories: Databases, Security, and Uncategorized.
Languages: English.

The Rise of the Threat Hunter

Where I left off in my first entry about the RSA Expo was suggesting that “Threat Hunting” seemed to be arising as a new approach to protecting the enterprise from cyber-threats. Threat Hunting is predicated on the fact that the perimeter is crumbling and attackers are getting more sophisticated, so you can expect Advanced persistent Threats (APTs) to be in progress on your network, and you should find them before the steal something important. “EndGame” sponsored this nice little “Hunter’s Handbook”; I picked up a hard copy at the show. It talks about the process of hunting, and what technologies Read More

Categories: Security.
Languages: English.

RSA Expo Reflections

I spent two days in the Expo at this year’s RSA Conference, and came out of it dizzy and exhausted. I learned a few things. One is that this is an area that has been getting a lot of funding over the past couple years. The sucking sound you heard in San Francisco this week is the sound of data scientists and machine learning experts being sucked into the cyber-security vortex; I suspect that cyber-security is the reason salaries in those fields are continuing to increase. Everybody is pitching their “AI” or machine learning based solution keep you from getting Read More

Categories: Machine Learning and Security.
Languages: English.

Why Linux is so freaking difficult!

I’ve installed three different linux variants in virtual machines in the past week. One, LinuxMint based on Ubuntu, crashed repeatedly, so I deleted it. Another, CentOS with a command line UI, does not seem to be connecting to the network. So I went to Zorin, which I have used for years with relative success. It installed, connected to the network and seemed to be stable. There is a new version, version 12. It has a new software management application. I decided to use it to install a new software on the OS, a database that I work with (MongoDB). I Read More

Categories: Uncategorized.
Languages: English.

Oracle Gets Containers

At this year’s Oracle OpenWorld people from Larry Ellison on down were talking about Docker containers. I do not remember the subject coming up in the Oracle community in previous years. Before I start to get into why Oracle talking about Docker containers is important I should probably talk about what Docker containers are and what they are good for (and bad for). You probably have some experience with the concept of virtual machines, which are simulated computers running inside your physical computer. You can get Virtual Machine management software (like VMWare or Virtual Box from Oracle) and use it Read More

Categories: Uncategorized.
Languages: English.

MySQL Team Announces Version 8

The MySQL team has announced “version 8“, you can see highlights of the planned release at the link. You can find internal documentation on MySQL 8 here. This will be useful to developers and DBAs trying to understand what’s going on inside MySQL. The MySQL Team blog will be a good source of ongoing information. Another member of the MySQL team with a blog is Morgan Tocker. He calls it Master MySQL. You know, MySQL is a very popular database for “Web applications”. That is more due to the fact that it was easy for application developers to use without help from DBAs that Read More

Categories: Uncategorized.
Languages: English.

What’s New with the Oracle Database Appliance

Earlier this summer, Oracle announced single node versions of the X6 generation Oracle Database Appliance (ODA). At OpenWorld 2016, the ODA team was showing a new two node X6-HA which Principal Product Manager Paul Tsien told me would be shipping by start of 2017, and will support RAC as the name implies, as well as virtualization. I went to a presentation by Erik Brenner of Mythics (which you could think of as an EC Wise competitor with a very large Oracle practice), who reported that the X6-HA would have fewer cores but more memory and storage, and could do up Read More

Categories: Databases, Oracle Database Appliance, and OS & Virtualization.
Languages: English.

Workflow, Forms Processing and the Passage of Time (Part 2)

In part one of this two part series, I talked about some of our experiences with workflow systems and portals, and how we have built systems where domain specific workflows were provided in the context of a portal, like LifeRay. Specifically, we build a SaaS marketing system on LifeRay, and got to the point where marketers needed to create response forms and landing pages. For the response forms, we used Orbeon, which turns out to be a very popular web form solution, and brings us back to where we started, forms and workflow. Over the past couple years, I had Read More

Categories: Databases, Integration, and Programming.

Languages: English.

Workflow, Forms Processing and the Passage of Time (Part 1)

I recently found these articles on the web that I wrote in 1999 (yes, that’s seventeen years ago, and yes, I was writing about what we were doing at EC Wise). I used to write a lot of articles, back in the pre-historic nineties, when articles were published in print magazines and had to be reviewed and vetted by editors, but I digress. One of the articles I’m referring to discussed the migration of forms based workflow systems to the web. The other, Wf-XML and Interoperability discussed Wf_XML, which was being proposed as a standard schema for representing workflows (it Read More

Categories: Integration and Programming.

Languages: English.

Integrating Information from Opaque Applications with Change Data Capture

In the IT sense, “integration” is a funny word. At EC Wise, we often claim to have experience undertaking “integration” projects, but when I think about it, it’s one of those things where there is “no there there”. What we call integration is not something that organizations do for its own sake, it’s something they do in the context of some larger project goal. We have undertaken data integration projects to support goals like building data warehouses to drive analytics and bringing data from partner or customer systems into a client system for processing. One of the challenges of integration Read More

Categories: Databases and Integration.
Languages: English.