Articles, trends, and advice on cloud security without compromise. Keep up with the latest blog insights on web isolation, network cybersecurity, malware, and more.

Kowsik Guruswamy

Kowsik Guruswamy
Chief Technology Officer
Find me on:

Recent Posts

Phishing & Ransomware at Singapore GovWare

Posted by Kowsik Guruswamy on Oct 18, 2016

I was in Singapore last week attending GovWare, speaking at the event and also meeting a number of customers and partners. Land of eternal summer, I think the lows were in the high 70's which made my morning runs, huh, interesting. Isolation is not a new concept here in Singapore, as the government pulled out 100,000 computers (de-linked) from the Internet to avoid any malware contamination. The government personnel are given dedicated kiosks (black computers) from which they can access the Internet, but that's about it. This is an extreme form of Isolation, while 100% safe, is also at cross-roads with user experience. But this has been the history of Isolation though. We've always been forced to trade off between security and user experience. Security by shackles.

Read More

Tags: phishing, ransomware, singapore, govware

The Productivity vs. Risk Trade-Off in Enterprise Security

Posted by Kowsik Guruswamy on Jun 27, 2016

I was in New York last week at an all-day event co-hosted with Skyport Systems at the Microsoft Briefing Center in Times Square. The day was filled with analyst briefings, a panel on “Is Active Directory a blindspot for CISO’s” followed by my talk on ‘Eliminating Ransomware with Isolation’ to the OWASP New York chapter. During the course of the day, I heard Isolation being mentioned so many times in different contexts. The gist of it is most people innately understand what Isolation is and how it can really improve the security posture of organizations. The real challenge (which we've solved) is can we do Isolation without affecting user experience?.

Read More

Tags: security, enterprise, risk, productivity

Fury Road: State of Cybersecurity Down Under

Posted by Kowsik Guruswamy on May 30, 2016

As part of our continued global expansion, I spent a week down-under visiting customers and partners hopping between Sydney and Melbourne. As soon as I got to the hotel, I stepped out for a fantastic run (of course!) along the Sydney-Harbor bridge and Opera House, followed by climbing several flights of stairs to kill the jet lag. Joy of being an ultra runner! Anyways, It was fantastic to meet customers to talk to them about the benefits of Menlo Security Isolation Platform. The story is much like everywhere else. People are tired of layers and layers of security products that ultimately act like a sieve letting malware through. Spear-phishing and Ransomware are major current threats that enterprises just can't stop.

Read More

Tags: malware, cybersecurity, australia, secure web gateways

March Madness, With Or Without The Malware?

Posted by Kowsik Guruswamy on Mar 23, 2016

If you are not familiar with March Madness, it's the single-elimination basketball tournament played each spring in the United States, currently featuring 68 college teams. It's one of THE most famous sporting events in the United States. As we head into the Sweet Sixteen bracket, we thought it might be prudent to analyze the Top 10 sports sites in the U.S. based on the Alexa ranking. These sites are the most visited around this time with sports fan checking out the bracket to see if their favorite team is advancing to the next stage. The real question is, can these sites be a prime target for malware and ransomware?

Read More

Tags: malware, vulnerability, top-sites

Spooky Times: When Security Predictions Come True

Posted by Kowsik Guruswamy on Oct 30, 2015


It's that time of the year when those of us in the security industry look into the crystal ball to figure out what the year ahead looks like. Before I take a crack at what's going to happen in 2016, I thought it might be useful to reflect on my last year's predictions and see where they stand. Back in January this year, I had three things that I was predicting, two of which have come true. Hey, that's a pretty good hit rate in fortune telling.

  • Increased Malware Attacks over SSL
  • Malware Infiltrates the IoT
  • Increased Scrutiny on Securing Containers
Read More

Tags: ssl, cybersecurity, predictions, fitbit

Gatekeeper, Gatekeeper, Make Me a Malware

Posted by Kowsik Guruswamy on Oct 28, 2015

On the heels of the Xcode Ghost comes another Apple vulnerability. This time it's in the Apple OSX Gatekeeper, which was designed to combat various forms of malware. Security researcher Patrick Wardle from Synack found that the security feature can be bypassed using a simple trick involving the use of a signed binary. Apple seems to be working on a patch, but right now, systems are still vulnerable. Here's my POV.

Read More

Tags: malware, apple, gatekeeper

Guruincsite Malware Takes Over 1000's of Magento Sites

Posted by Kowsik Guruswamy on Oct 20, 2015

Magento is a popular Content Management System (CMS) deployed at over 200,000 websites as their e-commerce platform. On Sunday, Sucuri published a blog about a Massive Magento Guruincsite Infection that had already infected 1000's of sites. Google has blacklisted almost 8,000 sites over the past 90 days. At this point, it appears that we don't know the original injection vector. According to Sucuri, "It's likely a vulnerability in the Magento CMS software itself or one of the 3rd party extensions installed by the administrator."

Read More

Tags: malware, cybersecurity, flash, magento

Stumbling Over The Truth - History of Cyber Security

Posted by Kowsik Guruswamy on Sep 28, 2015

In 1942, Winston Churchill, referring to his political adversary Stanley Baldwin, was quoted saying, “Occasionally he stumbled over the truth but he always picked himself up and hurried on as if nothing happened.” Over time Churchill’s remark was morphed into a statement about mankind in general. Today, Churchill’s statement could be further morphed and used to describe the cyber security industry over the last 30 years.
Picture courtesy: AZ Quotes.

Read More

Tags: malware, cybersecurity, isolation, history

Xcode Ghost: A "Worm" in the Apple

Posted by Kowsik Guruswamy on Sep 25, 2015

The recent breach of Apple’s App Store by malware from China is another in an ongoing series of grim reminders about the porous state of today’s security measures.  While this marks the first successful major attack on this key Apple marketplace, it was really only a matter of when – not if – such a breach would occur. Just to be clear, Apple’s App Store infrastructure itself wasn’t breached. The Xcode developer toolchain was trojanized and made available in alternate sources to the App developers.

Read More

Tags: malware, apple

The Human Element In Security & Why UX Matters

Posted by Kowsik Guruswamy on Sep 21, 2015

In some ways, corporate users are like children: They need, but rarely like rules, and many will try to find one way or another around them. “Use only this software and always keep it up to date.” “We’re blocking access to those websites you’re trying to visit.” “You must constantly be on the alert for ‘suspicious’ emails, and don’t open any attachments—ever!” “Yes, you are required to take that training class on how to protect corporate assets.”

Read More

Tags: security, ux, enterprise

Connect with us

Lists by Topic

see all

Recent Posts