eEye Releases Free Vulnerability Scanner with Zero Day Identification and Configuration Auditing

eEye Digital Security, a provider of IT security and unified vulnerability management solutions, today announced the release of Retina Community, a free vulnerability scanner that identifies vulnerabilities (including zero-day), configuration issues, and missing patches across operating systems, applications, devices, and virtual environments. Available now, Retina Community enables enterprises and SMBs to scan a selected set of IP addresses, identify vulnerabilities and misconfigurations, and take steps to remediate security and compliance issues. Retina Community users receive regular vulnerability updates as well as vulnerability reporting and alerts. Organizations can use this free scanning solution to assess their security and compliance posture prior to making an investment in a more comprehensive vulnerability management solution.

“eEye has a long-standing history of providing valuable security tools to the IT community. Retina Community expands eEye’s growing list of free security resources to help organizations understand where their weak points are and close security and compliance gaps,” said Marc Maiffret, eEye cofounder and CTO. “With Retina Community, enterprises and SMBs can strengthen security and compliance posture overall, as well as identify zero-day threats and client-side application vulnerabilities, both of which are a significant threat to organizations.”

Retina Community provides users with critical capabilities:

  • Vulnerability assessment across operating systems, applications, devices, and virtual environments (32+ IPs)
  • Zero-day vulnerability identification
  • Configuration auditing
  • Integrated vulnerability updates and alerting
  • Detailed vulnerability and executive-level reporting
  • Report export to XML, CSV, and PDF
  • Online support and resources from eEye’s renowned research team

Retina Community leverages the power of the Retina Network Security Scanner — recognized as the industry’s most mature and effective vulnerability management technology. The Community scanner expands eEye’s Zero-Day Tracker, a free service that provides up-to-date information on critical zero-day vulnerabilities (i.e. vulnerabilities for which there are no vendor patches or fixes) by providing zero-day vulnerability scanning and more. Also, the tool expands eEye’s reputation as a thought-leader, adding to a growing list of free resources offered to the IT Security community at large, such as:

 

Download the Retina Community free vulnerability scanner now!

About eEye Digital Security
Since 1998, eEye Digital Security has made vulnerability and compliance management simpler and more efficient by providing the only unified solution that integrates assessment, mitigation, protection, and reporting into a complete offering with optional add-on modules for configuration compliance, regulatory reporting, and integrated patch management. eEye’s world-renowned research and development team is consistently the first to uncover critical vulnerabilities and build new protections into our solutions to prevent their exploit. Thousands of mid-to-large-size private-sector and government organizations, including the largest vulnerability management installations in the world, rely on eEye to protect against the latest known and zero-day vulnerabilities. More at eeye.com.

Hamlin Memorial Hospital Selects Prognosis EHR

Hamlin Memorial Hospital is planning to leverage Prognosis ChartAccess® Comprehensive EHR to move toward a number of goals such as improving clinical care, meeting the government’s meaningful use requirements, and enhancing community health through participation in a growing Texas Regional Health Information Organization (RHIO).

“Like all other providers, we want to improve care and at the same time meet the government’s requirements for the incentive payments that are associated with the HITECH provisions of the American Recovery and Reinvestment Act,” said Jim Barnett, CEO of Hamlin (Texas) Memorial Hospital. “To do so, we realized that we not only needed to get a system up and running quickly but we needed a solution that our doctors and nurses would really want to use on a daily basis.”

After reviewing several electronic records solutions, Hamlin leaders realized that the ChartAccess Comprehensive EHR offered exactly what the 25-bed, acute care hospital needed. ChartAccess is a shared web-native EHR system, delivered via a “cloud computing” model, where the software applications are made available as a service over an encrypted health information network. The EHR provides clinicians with a complete view of patient data to support optimal and safe clinical care. Users can simply access the system by using a standard operating system and a secure browser.

“The physicians and nurses really like the system and feel that it is much easier to use and understand than some of the other solutions that we looked at,” Barnett said. “You could tell that whoever designed the system had knowledge of exactly how a hospital works and exactly how nurses and physicians want to enter notes into medical charts. It’s just very intuitive. Some of the other systems we looked at felt like they were designed by people who didn’t know anything about medicine. They looked like they were designed by accountants.”

One of the first two Complete EHRs to receive ONC-ATCB-2011-2012 certification, ChartAccess is designed to quickly lead providers toward EHR success. Designed by clinicians for clinicians, the system makes it easy to overcome many of the commonly cited cost, usability and workflow obstacles to EHR implementation. In addition, the solution meets the mobility needs of end-users with features such as iPhone and iPad applications that make it possible to view patient rounding lists, process orders and access results at the point of care.

“We have made a concerted effort to provide the functionality that truly serves the people that use our solution. That’s why all of our development efforts always have been, and always will be, keenly focused on the nurses and the physicians who are using our technology at the point of care,” said Ramsey Evans, CEO of Prognosis.

The hospital also is optimizing the value of the solution as a member of a growing RHIO. Under this innovative connectivity model, all participating hospitals dial into one centralized solution remotely, making it much easier to get systems up and running. The EHR is integrated with billing, laboratory, pharmacy, radiology and other ancillary systems at the various hospitals, which allows it to serve as a data repository for all clinical information. As a result, the solution provides a seamless continuum of care for patients, not just as they receive services in one hospital but as they receive care across the entire region.

“Because we can so easily share information, providers across the region will be fully informed at the point of care each and every time they are treating a patient. That just takes the value of an EHR solution and multiplies it exponentially,” Barnett said.

The RHIO initially was established with funding from the Texas Department of Rural Affairs (TDRA).

“Implementing electronic records is a huge challenge for any hospital. We realized, however, that rural hospitals are especially hard pressed when it comes to pulling all of the resources together to successfully move to electronic records. By supporting this innovative RHIO, we are truly helping to improve care for the rural population in Texas,” said Dave Darnell, Senior Program Administrator at TDRA.

Seattle 2.0 Announces Finalists

Finalists were announced today for the annual Seattle 2.0 Awards, which celebrates Seattle startups. The event will be held on May 5 at the Cirque Events Center with Mark Suster of GRP Partners – and previous founder of two startups – serving as keynote speaker.

Community voting (for those involved with startups) begins today and will continue through April 28th. Here’s the list of the 50 finalists spanning 10 categories:

Best Consumer Startup: Bonanza, BuddyTV, Cheezburger Network, Swype and Zulily.

Best B2B Startup: Appature, Apptio, BigDoor Media, SEOmoz and Skytap.

Best Mobile Startup: AppStoreHQ, Ground Truth, SPARQCode, Swype and Zaarly.

Best Non-Profit Startup: Jolkona, OneBusAway, School District Finder, SeeYourImpact and Vittana.

Best Startup Acquisition: Gist, Jambool, Picnik, Precision Polling and WhatCounts.

Best Startup CEO: Andy Liu, Ben Huh, Dan Shapiro, Glenn Kelman and Sunny Gupta.

Best Startup Technologist: Adam Doppelt, Bill Baxter, Cliff Kushler, Daryn Nakhuda and Joe Heitzeberg.

Best Startup Designer: Aviel Ginzburg, Jay Dokken, Kyle Kesterson, Matt Shobe and Tony Wright.

Best Angel Investor or VC: Andy Sack, Bill Bryant, Chris DeVore, Chris Howard and Jeff Bezos.

Best Service Provider to Startups: Adam Philipp, Craig Sherman, Geir Hansen, Joe Wallin and Megan Muir.

The finalists were chosen from a pool of 399 nominated companies and people.

This is your power plant on Windows

If you’re wondering where the next big disaster will come from, consider the news about SCADA (supervisory control and data acquisition), the industrial systems used to monitor and control a raft of functions at power plants, refineries, water systems, and manufacturing plants. Doesn’t ring a bell? Here’s a tip: Siemens’s Windows-based Simatic WinCC SCADA systems were the suspected target of the Stuxnet worm that devastated Iran’s nuclear program by altering the spin rate of its uranium centrifuges.

A CERT advisory on April 1 for a different Siemens SCADA product called out vulnerabilities allowing an intruder to perform DoS attacks, directory traversal, and arbitrary code execution. Additionally, an Ecava SCADA product was cited in a March 23 advisory warning of an unauthenticated SQL vulnerability that could allow data leakage, data manipulation, and remote code execution. Siemens and Ecava both issued patches.

Siemens and Ecava aren’t alone. The previous Monday, Italian researcher Luigi Auriemma published details of 34 vulnerabilities in four SCADA products, complete with exploit code; Auriemma had no previous experience with SCADA systems but was able to discover vulnerabilities within hours simply by downloading free trial versions. The day before Auriemma’s announcement, researcher Ruben Santamarta revealed vulnerabilities and source code for Advantech products that could be used to attack a power grid. Santamarta felt forced to publish the source code after the vendor denied there was a problem.

A week prior, GLEG, a Russian-based security firm, announced it was releasing its Agora SCADA + pack with 11 zero-day SCADA system vulnerabilities in an effort to “collect all publicly available SCADA vulnerabilities in one exploit pack.” Shortly after the tool was released, the company website suffered a sustained DoS attack.

Though in Iran’s case Stuxnet was propagated through removable media, the fact is that many of today’s SCADA systems not only run on Windows, but often sit on networks with paths to the Internet that can be discovered and breached by a clever hacker. Many are not routinely patched, because it’s difficult to test patches to ensure they won’t disrupt the systems they’re meant to manage.

More worrying, poor security practices are not unusual at critical infrastructure facilities. Witness the case of a Southern California water system, highlighted in a recent Los Angeles Times article, that hired current eEye Digital Security CTO and well-known hacker Marc Maiffret to test its network vulnerabilities. Within one day, Maiffret managed to take over systems that added chemical treatments to drinking water, with the potential of rendering water undrinkable for thousands of local residents. He discovered that employees were logging into the network from their unsecured home computers and opening up the system to outside vulnerabilities.

Boston VCs Test 'Collegial, Youthful' Investment Style

Thursday night they launched a collaborative workspace called CriticalMass in a Cambridge office building near Massachusetts Institute of Technology, just down the avenue from Harvard University where Mark Zuckerberg launched Facebook. Of course, he then moved to California, which some think sort of symbolizes Boston’s problem.

Perhaps the Asian hors d’oeuvres at the launch party were meant to infuse a cool, West Coast vibe. Down the hall, draft beer flowed at the weekly Venture Café. If you stayed away from the windows – it was snowing – you could imagine yourself at a South of Market (San Francisco, that is) shindig.

New England venture capitalists need to work together to “reinvigorate start-up activity in this region” instead of alone in “our own little parochial pods, in our own self interest,” said Jamie Goldstein, a partner at North Bridge Venture Partners and president of the New England Venture Capital Association, a CriticalMass sponsor.

North Bridge, which is based in the Boston suburb of Waltham along with several other established venture firms, is also one of the sponsors of CriticalMass, which will provide a place for entrepreneurs to work for free for three months or at a monthly rate of $125 for six months. North Bridge and several other firms have small conference rooms off an open work area that can accommodate up to 48 entrepreneurs a year. Goldstein, a communications and Internet infrastructure investor, said he expects to be there weekly.

Across the nation, VCs are working hard to get close to young entrepreneurs, mainly in the Internet world, who like hanging out with like-minded people in a city instead of a suburban office park. The university town of Cambridge, across the Charles River from Boston, is attractive to them. Polaris Venture Partners-backed Dogpatch Labs has a collaborative workspace nearby that was a model for CriticalMass. Venture firms such as Greylock Partners have moved to Cambridge and young firms such as OpenView Venture Partners and .406 Ventures opened shop in Boston.

Goldstein said he expects about one-half to three-quarters of CriticalMass entrepreneurs to be working on mobile or digital-media projects.

“I don’t think you’re going to see the next big semiconductor company come out of CriticalMass,” he said.

CriticalMass and the year-old Venture Café are in the Cambridge Innovation Center, which is home to 350 young companies of various sizes and stages of development. CIC provides support services. Tim Rowe, CIC president, said the collaborative spirit where entrepreneurs want to work together to help each other build businesses didn’t really exist when he started CIC a decade ago.

Now, he said, VCs, too, are developing “a collegial, youthful way of working.” The Venture Café, which CIC helped launch, is the largest regular gathering of entrepreneurs in the Boston area that Rowe is aware of and a place where local VCs are available for informal meetings.

Clearly Boston has a ways to go to catch up with the Bay Area in fostering a mobile, social-network driven investment climate, but it sure is trying. And soon it will be spring in Cambridge and the Red Sox will be playing across the Charles.

 

Ultimate Guide To Corporate Blogging

According to content marketing expert Joe Pulizzi of Junta42, marketers are all publishers now. Traditional advertising might not work for every type of audience anymore. Instead of interrupting targets with your messages while they are watching TV, listening to the radio, or searching the Internet, content marketing is all about providing relevant, timely, and valuable content to them instead. Content marketing is steadily becoming more popular among B2B and B2C companies alike.

A corporate blogging program can be a great way to launch a content marketing strategy for your organization. This unique form of blogging involves not only the CEO or CMO of an organization, but includes every employee in the content development efforts of the company. CMOs might consider launching a corporate blogging program in their companies for many reasons: to boost brand awareness, increase thought leadership, generate new sales leads, better communicate value proposition, supply the marketing department with content to repurpose, make all of their employees customer-centric, and explain their culture to their audience.

In this free e-book (registration required), OpenView Labs details what’s involved in setting up a corporate blogging strategy, including best practices, likely hurdles, and a C-level checklist.

Intronis Named to CRN's 2011 5-Star Partner Programs Guide

Intronis has been named to CRN’s 2011 Partner Programs Guide. Intronis was also awarded a 5-Star Partner rating. CRN’s Partner Programs Guide and 5-Star Partner ratings serve as the definitive list of vendors who have robust partner programs or products that service solution providers offer directly to the IT channel. The annual list recognizes the vendors who offer solution providers the best possible partnering elements for channel success.

Intronis offers a comprehensive partner program, which is designed specifically for the IT channel. Intronis provides everything a reseller needs to deliver cloud backup and recovery to their SMB clients. The partner-friendly program includes customer support, account management, sales, marketing and the industry’s leading technical support in order to ensure the partner succeeds in their selling efforts. Furthermore, the software is a white-label solution allowing it to be re-branded with the partner’s name and logo for marketing and reselling ease and efficiency. Intronis is a reliable and partner-centric cloud backup and recovery solution, which will be there every step of the way to help increase partner revenues and margins, proactively manage the backup and recovery processes, and support flexible pricing, alerts, and notifications.

“The companies listed on the 2011 Partner Programs Guide represent the best channel programs in the market today. Of those, only a few get our five-star award, based on their commitment to the channel, breadth of program offerings and services offered to their partners. Each of these organizations understands that technology alone does not make for a successful channel program. By focusing on delivering a comprehensive partner program, vendors and solution providers can work together to drive business opportunities and revenue,” said Kelley Damore, VP and Editorial Director, for Everything Channel’s CRN.

“Intronis is honored to be named to CRN’s 2011 5-Star Partner Programs Guide. Our team is partner-centric and committed to the success of each partner we have a relationship with,” states CEO of Intronis, Kent Plunkett. “CRN is recognizing our dedication to our partner program. This focus is something we pride ourselves in and will continue to find new ways to help our partners succeed in their cloud backup and recovery businesses.”

The 2011 Partner Programs Guide and 5-Star Partners listing will be featured on CRN.com and in the March 28th issue of CRN.

Intronis is a cloud provider of backup and disaster recovery services for the IT channel. Intronis utilizes 256-bit AES security and multiple data centers located on opposite coasts to ensure data protection and availability. Intronis offers IT service providers a secure data solution combined with a robust partner program, the efficiencies of full web-based account management, and an industry leading technical support team. http://www.intronis.com.

About Everything Channel

Everything Channel is the premier provider of IT channel-focused events, media, research, consulting, and sales and marketing services. With over 30 years of experience and engagement, Everything Channel has the unmatched channel expertise to execute integrated solutions for technology executives managing partner recruitment, enablement and go-to-market strategy in order to accelerate technology sales. Everything Channel is a UBM company. To learn more about Everything Channel, visit us at http://www.everythingchannel.com. Follow us on Twitter at http://twitter.com/everythingchnl.

About United Business Media Limited

UBM focuses on two principal activities: worldwide information distribution, targeting and monitoring; and, the development and monetization of B2B communities and markets. UBM’s businesses inform markets and serve professional commercial communities — from doctors to game developers, from journalists to jewelry traders, from farmers to pharmacists — with integrated events, online, print and business information products. Our 6,500 staff in more than 30 countries are organized into specialist teams that serve these communities, bringing buyers and sellers together, helping them to do business and their markets to work effectively and efficiently. For more information, go to http://www.ubm.com.

Data Silos May Impede Conversion Rate Optimization

One conversion rate optimization rule of thumb says: “The more you personalize the site experience based on all you know about the visitor, the higher the conversion rate will be.” Higher conversion equals better results, and greater revenue. That’s strong motivation for any ecommerce site looking to improve ROI.

But another rule of thumb may be emerging as consumers get more sophisticated in their online habits: “Failure to use information about a visitor could have a negative effect on conversion.”

Consider the email I got from Walmart about 10 days ago. It was waiting for me when I came indoors after spending an hour trying to plow the snow from my yard.

The subject was: “Celebrate Spring With Savings on Patio Furniture, Apparel, Swings & More.” Just so you get the picture, I have super-imposed a screen shot of the email on a snapshot of the yard at the time I got the message.

My first reaction to the email, as a consumer and not a marketing professional, was confusion. The mental process went like this: “Walmart knows where I live and the weather where I live is no mystery, so why did they send me an email offering deals on new patio furniture when mine is still covered with snow?”

Then I tried thinking it through as a marketer. Sending the exact same promotion to everyone on your mailing list is cheaper and easier than customizing offers by region. Sure, you might get greater conversion from emails that are geo-targeted, but would the incremental revenue be worth the extra effort?

And there’s the rub: How much extra effort does it take?

For large enterprises the answer often comes down to silos, not the kind in which my neighbors store their corn, but data silos. These are databases that exist in relative isolation within an organization.

Silos often contain information that could be used for multiple purposes, including marketing. But that information currently isn’t available to all the people who could use it — at least not without a lot of effort.

Typical silos are inventory, shipping data, order data, and billing data. Different silos often contain multiple records of customer names, addresses, and contact data.

Unfortunately, issues in the areas of system architecture and corporate structure can mean that the fullest possible profile of the customer is not readily available to anyone, and that’s a pity.

For example, Walmart could have achieved a better reaction from me simply by looking in the customer database, seeing where I live, then sending the same email content under a different subject line, such as: “Hang in there, Spring is coming!”

I know Walmart has some amazing data systems and I don’t mean to poke fun at the company (I shop there quite often and I like getting their emails). Although that offer of patio furniture sure didn’t convert in my case, I found it more amusing than offensive. Yet there is a darker side to this silo problem, something you might call conversion poisoning.

Let’s face it, regardless of how much time and money you invest to come out on top of the search engine results page, there are always other results visible on the same SERP, whether your prospects are searching with Google, Bing, or Yahoo. So the searcher always has choices, and if the searcher has a negative perception of your brand, they will likely click one of the other results.

Like Walmart, Verizon also knows where I live. When I go to the website called “My Verizon” to pay the bill for my landline phone, Verizon actually shows me the weather conditions for my address. But I’m also shown offers and information about Verizon’s fiber optic and DSL broadband services.

Unfortunately, Verizon has no plans to supply either of these services to my address. Furthermore, Verizon promotes these locally unavailable services, bundled with phone service, for prices lower than my neighbors and I pay for phone service alone.

From a consumer perspective, that strikes me as insensitive to say the least. After chatting to my neighbors I confirmed that I wasn’t alone in this perception (it turns out that Verizon is equally insensitive when it mails out paper bills, stuffing them with offers that are unavailable at the address to which the bills are mailed).

Verizon is arguably eroding customer sentiment and tarnishing brand perception with this behavior, yet we all know that the information required to behave differently is somewhere within Verizon’s data silos. I would argue that, by failing to use all of the information at its disposal to personalize the “My Verizon” website, the company is undermining its conversion efforts.

Clearly, the time has come to “un-silo” corporate data so that it can be used to improve conversion and brand sentiment, while simultaneously avoiding the perception that your brand is either insensitive or simply doesn’t have its act together.