About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

After I had posted my article on configuring NetFlow export on Cisco devices, various people emailed me asking what, exactly, NetFlow is. It just so happens that Dark Reading has recently published an article on the topic. To explain what NetFlow is: It is simply the aggregation of packets into "flows" and the reporting of that data. A flow is a collection of packets that can be characterized by source and destination IP addresses and ports, as well as a few more characteristics. The packets in a particular flow are counted and reported to a collector. Cisco and most...

Read More

Our friends at Websense have recorded what happens when a workstation visits an infected site exploiting the current VML issue. They did a similar video when the WMF zero-day was released and their workstation was instantly flooded with Spyware applications and pop-ups galore. It was an impressive sight and obvious that they had just visited an infected site. From the site: So, we fired up our trusty video capture tools and pointed a VMWare workstation at a random site where our miners had recently discovered an iframe containing a VML exploit. But...

Read More

Breach Security, Inc. today announced the acquisition of Thinking Stone Ltd., the leading provider of services and enhancements for the ModSecurity web application firewall. ModSecurity is the most widely deployed web application firewall in the world with more than 10,000 deployments. It began as an open source project written by Ivan Ristic, a world-recognized authority in Apache Security, who will join Breach Security as a Senior Executive. As the Chief Evangelist of the combined companies, Ristic will focus on extending Breach Security's security application solutions and the continuous improvement of the ModSecurity open source offerings. Ivan has the following to say in his...

Read More