Welcome!

Gorilla Security is a company offering services to help secure your business.

We focus on combining three aspects of building a good security model in an enterprise:

  • People are the most important factor in the equation. Without them, there is nothing.
  • Processes and procedures, this includes all security policies, instructions and generally the way of working. While this is very important, it's not complete till you get the other two aspects.
  • Tools and systems are in our opinion a support to help the processes and procedures, to enforce some policies. They should also support the third aspect.

We believe combining the approach toward being able to influence and measure all three aspects is a critical factor towards success. This is reflected in our offering.

If you contact us, we'll be happy to elaborate our vision with you.

Security News

SecurityFocus News  Infocus: Enterprise Intrusion Analysis, Part One

Enterprise Intrusion Analysis, Part One
Read more on SecurityFocus News...

SecurityFocus News  Brief: Cyberattacks from U.S. "greatest concern"

Cyberattacks from U.S. "greatest concern"
Read more on SecurityFocus News...

SANS NewsBites  Proposed Changes to EU Data Protection Law Draw Criticism (January 26, 2012)

The proposed changes to the European Union's data protection law have companies buzzing about the costs associated with compliance, the stringent penalties for violations, and the difficulty of enforcement.......
Read more on SANS NewsBites...

SANS NewsBites  NIST Issues Cloud Security Guidelines (January 25, 2012)

The National Institute of Standards and Technology (NIST) has issued Special Publication 800-144, Guidelines on Security and Privacy in Public Cloud Computing, which offers advice applicable to both government and private sector organizations.......
Read more on SANS NewsBites...

Network World on Security  Lookout Security rebuts rival's Android malware claims

Researchers from Lookout Security disagreed with rival Symantec that 13 apps on the Android Market were malicious, instead saying that they showed the same behaviors as other ad-supported apps.
Read more on Network World on Security...

Network World on Security  Security roundup: The triumph of hactivists, the sorrow of Symantec

It was another busy week for hactivists attacking the online targets of their ire. This time, hackers under the banner AntiSec appeared to have hacked the website of OnGuardOnline.gov, the U.S. government's online security website, in protest against the much-railed-against legislation Stop Online Piracy Act (SOPA) as well as other bills regarding intellectual protection. Similarly, the group Anonymous is believed to be behind the distributed denial-of-service attack on Thursday that brought down the European Parliament's website in what is thought to be retaliation for European support for the shutdown of the Megaupload file-sharing site the week before. Anonymous also opposes a treaty being ratified in Europe now called the Anti-Counterfeiting Trade Agreement. That deals with infringement of intellectual property rights.
Read more on Network World on Security...

US-CERT Current Activity  Google Releases Chrome 16.0.912.77

Google has released Chrome 16.0.912.77 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 16.0.912.77
Read more on US-CERT Current Activity...

US-CERT Current Activity  Oracle Releases Critical Patch Update for January 2012

Oracle has released its Critical Patch Update for January 2012 to address 78 vulnerabilities across multiple products. This update contains the following security fixes:

  • 2 for Oracle Database Server
  • 1 for Oracle Fusion Middleware
  • 3 for Oracle E-Business Suite
  • 1 for Oracle Supply Chain Products Suite
  • 6 for Oracle PeopleSoft Products
  • 8 for Oracle JD Edwards Products
  • 17 for Oracle Sun Products Suite
  • 3 for Oracle Virtualization
  • 27 for Oracle MySQL
US-CERT encourages users and administrators to review the January 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks. Additional information regarding CVE-2012-0110 can be found in US-CERT Vulnerability Note VU#738961.
Read more on US-CERT Current Activity...

© Copyright Gorilla Security 2008-2012 - All rights reserved