Infoworld Channels

InfoWorld Home / Security Central / InfoWorld CTO 25: Amichai Shulman

June 05, 2006

InfoWorld CTO 25: Amichai Shulman

CTO and founder, Imperva

By Ephraim Schwartz | InfoWorld

Print |

Amichai Shulman, CTO and founder of Imperva, heads Imperva’s Application Defense Center (ADC), a research arm of the company devoted to building “the most advanced … security knowledge base in the world.”

A tall order, but Shulman has the background for it. Prior to founding Imperva, he was CTO at Edvice, an application-and-database security consultancy. Before that he served in various command-and-control positions in the Israeli Defense Forces for projects related to information security.

Shulman says there are many good public research organizations for Web servers and Web security, but far fewer for database security. He also says his most current research has uncovered an entirely new area of database vulnerability, in which ordinary users can turn themselves into database administrators without a valid set of credentials.

The task of ADC is to reproduce such vulnerabilities and then inform vendors, giving them all the background information they need to plug the holes. Imperva claims that in the last year, Shulman’s work has likely prevented major breaches of Oracle and SQL Server databases.

Shulman notes that “critical vulnerabilities” exist in all — not some — commercial database servers. Vendors and customers alike should be grateful for his efforts.

Ephraim Schwartz is an editor at large at InfoWorld. He also writes the Reality Check blog.

Tags: Security, DBMS, Data Security, Applications, Data Management, Mobile Technology, Operating Systems, Storage

Print |

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

additional resources

Handling Security via the Cloud

Video

Bringing the Cloud to the Data Center

Discover a new breed of data protection that meets the needs of small and midsize businesses because it is simple to deploy, safe and cost effective.

View now »

How is Your IT Handling Increased Budget Pressures?

Webcast

How is Your IT Handling Increased Budget Pressures?

Your business is growing. How is your IT handling increased business transactions, stringent SLAs and increasing budget pressures? Join Richard Winter, President at WinterCorp, and Ajaya Gummadi, HP NonStop WW Database Product Manager, as they discuss the challenges enterprises face with database solutions, and how to overcome them with HP.

View now »

View the discussion thread.

Recommended Resources

See all White Papers / Webcasts Recommended Resources

Recommended Resources

See All Jobs » Post a job for $295 »

Jobs powered by SimplyHired

Featured Sponsor

White Paper

White Paper

Sophos Security Threat Report 2011

Last year's cyberattacks, like Aurora and Stuxnet, demonstrates that malware lurks everywhere and tricks even the most scrupulous user. Our threat experts see 30,000 new malicious URLs each day—70% of which are legitimate websites that were hacked. Let our new 2011 Security Threat Report be your weapon in the battle against malware. It describes the significant threats of 2010, what to watch for in 2011, and more importantly, what you need to do to get ahead of them.

Download now! »

White Paper

White paper

Eight threats your anti-virus won't stop: Why you need endpoint security

News headlines are a constant reminder that malware attacks and data leakage are on the rise. High-profile incidents that make big news might seem out of the ordinary. Yet businesses of every size face similar risks in the everyday acts of using digital technology and the internet for legitimate purposes. This paper outlines eight common threats that traditional anti-virus alone won't stop, and explains how to protect your organization using endpoint security.

Download now! »

White Paper

Malicious JavaScript Attacks: What Can You Do?

As an IT manager, you need to be able to effectively secure all of the websites you manage to avoid attack and the subsequent infection of site visitors. You also need to protect the users within your organization from becoming victims of malware. Organizations can use specific technologies and layered protection strategies to safeguard websites and shield employees. We'll review what to watch for, as well as the security strategies that will help keep you safe.

Download now! »

Master the cloud with the power of convergence from HP Complimentary Gartner Report on BYOD: Media Tablets & Beyond. View Now Elevate storage agility and efficiency with HP 3PAR storage.Remote Desktop Access: Do More with LogMeIn Central!Preparing IT for Growing Business Demands Egnyte HybridCloud: Simplicity, Scalability & Security: Free Trial Redefine your data center with HP servers.Cervalis - SSAE 16 certified high availability data centers.Evolving Your Data Center for the Cloud Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.Deploy SharePoint quickly & at lower total cost on AWS Cloud-Learn how Cut Disaster Recovery Downtime & Cost with Automated Disaster Recovery Learn the best approach for SMB data protection Join us for an upcoming Microsoft 365 live online demo event.Have a Dropbox problem? Read the Aberdeen Group report to learn more.Protect your data now and down the road. Use LTO-5 Tape!Download the Free Microsoft® Assessment & Planning Toolkit today!Webcast: A Breakthrough in Service Delivery for Data Center Workloads A smarter approach to IT is needed. That smarter approach is IBM CloudBurst.Article: IBM CloudBurst™: Making Rain in an Economic Dry Spell.

Solve pressing IT challenges with VMware's virtualization solutions Connect with IT leaders redefining mobility at the Enterprise Mobile Hub Risk Based Authentication - Learn why RSA Adaptive Authentication is the leader.Remote Desktop Access: Do More with LogMeIn Central!Easily create and manage custom iPad & iPhone apps for your business.Access Files, Sites & Apps with Microsoft® Flexible Workstyle!Condusiv Technologies V-locity - Max Virtual Platform Performance. 30-day trial.Efficient Storage: Only Thing Smaller than the Footprint is the Price Remotely monitor and automate with LogMeIn Central. Try it now.Less complexity. Less setup. This is the future of your mainframe.Empower your employees with Motorola Superior Android solutions Explore tiered storage for all your active archive content needs Explore tiered storage for all your active archive content needs Webinar: A Practical Approach for Using DLP to Manage Risk to Information Assets Virtualizing Your Infrastructure Just Got Easier Veeam white paper by Eric Siebert: Top 7 VMware Management Challenges. Download now >>Storage, speed, security. Lexar Media Enterprise solutions get down to business.See IBM CloudBurst's self-service user interface in action Video: Simplifying the IT environment for better productivity with IBM Archive and search business email in the cloud with Google.

InfoWorld Technology Marketplace

» BUY A LINK NOW

©1994-2012 Infoworld, Inc.