What is "clickjacking" and should you be concerned about it?

Chenxi Wang

I am at the first national OWASP conference in New York this week, giving a talk on Web 2.0, consumerization, and application security. There is much discussion at the conference about "clickjacking," partially because the researchers weren’t given permission to do an open session, which of course further fanned the interest.

Earlier today, CERT issued a statement on clickjacking, warning that multiple browsers, including IE, Firefox, Safari, Opera, and Chrome, are all vulnerable to the attack.

Read more

McAfee's acquisition of Secure Computing

Chenxi Wang

McAfee announced today it is acquiring Secure Computing, at the price of $465 million. Does this acquisition make sense?

Secure Computing has a market cap of $380 million, with 2007 revenues of about $250 million and $21 million cash on hand. This acquisition price, which represents a 22.69% over its market cap and less than 2x revenues, is relatively modest. So for McAfee, it's a good deal. In addition, although McAfee is a strong player in the endpoint market, is not a market leader in its network security play. The addition of Secure Computing, plus the recent acquisition of Reconnex, will clearly energize that part of the house.

For Secure, this brings some much needed help in terms of marketing and external communication. Secure Computing has solid technology in Web and email security, but after many years in the business, is still not as much a household name as some of its competitors. Secure Computing's other product line, its Sidewinder firewall business, may seem disparate at first glance, but can put McAfee in a nice position to enter the unified threat management (UTM) market.

Read more