Analysts at Gartner Inc. are predicting a steady increase in managed security services as companies look to outsourcing as a way to cut costs. In this edition of Security Squad, editors of SearchSecurity.com and Information Security magazine discuss the issues that result from outsourcing security services. They also discuss the sudden increase of SQL injection attacks and whether developers are using more secure software coding techniques.
(1:15) Some vendors are offering their security products as software-as-a-service options.
| Managed security services, SQL injection attacks
(3:17) Gartner analysts tout managed security services.
(4:15) What are the problems with outsourcing security when the software is not within the confines of the company systems?
(8:29) Do regulations such as PCI cover managed security services?.
(9:44) Researchers have been tracking a wave of SQL injection attacks. Why are attackers using old methods?
(12:37) All it takes is a coding error. Online payment service, PayPal was the victim of a SQL injection attack.
(13:11) Why do security researchers such as Gary McGraw yawn when they hear SQL injection?
(15:45) Gary McGraw offered up a positive view of secure software coding.
(17:42) Are we ever going to see a seal of approval on products guaranteeing the secure coding?
(19:34) If more software is sold as a service, could that enable vendors to guarantee the security?
Managed security services to climb as IT costs rise: The market for managed security services is expected to grow significantly, led by messaging security software, Web gateways and security intelligence products.
Perimeter eSecurity acquisition shapes managed security services : Small businesses are turning to managed security service providers. The industry is growing and Perimeter eSecurity's aggressive acquisition spree is shaping the market.
What are the benefits of 'in-the-cloud' network security services?: Services offered 'in the cloud' range from managed firewalls to intrusion detection/prevention services (IDS/IPS) to antispam/antivirus filtering.
Gary McGraw on secure software development: In this video, Gary McGraw of Cigital Inc. explains why better secure coding could help thwart future Web 2.0 attacks. He says the industry is making progress.
Tech vendors team up for secure software development:A new group of technology vendors, including Microsoft and Symantec, are joining together to raise awareness about the need for more secure code.
Information Security podcasts: Visit SearchSecurity's podcast archive.
Dig Deeper on Security industry market trends, predictions and forecasts