Gartner’s 2013 Enterprise Architecture Tools Magic Quadrant

Like every year, Gartner has released yet another great resource for Enterprise Architects with their EA Tools Magic Quadrant. This is a very useful tool especially if you are in the market for an Enterepise Architecture tool. Gartner dog a good job of plotting holistically where each player in this complex space resides based on their criteria.

Enterprise Architcture 2013 Magic Quadrant

Below you will find the Gartner Magic Quadrant. If you have seen years past the format and even the players will be familiar. However, play close attention as the players have shifted somewhat.


Gartner bases this analysis based on the following criteria:

  • A repository that supports, at a minimum, the business, information, technology and solution viewpoints and their relationships. The repository must also support business direction, vision and strategy, as well as business disruptions.
  • Modeling capabilities that support the minimum viewpoints of business, information, technology and solutions.
  • Decision analysis capabilities, such as gap analysis, impact analysis, scenario planning and system thinking.
  • Presentation capabilities that are visual or interactive to meet the demands of a myriad of stakeholders.
  • Administration capabilities that enable security, user management and other tasks.
  • Configurability capabilities that are extensive, simple and straightforward to accomplish, while supporting multiple environments.
  • Support for frameworks and standards, often used while providing the flexibility to modify the framework.
  • Usability, including intuitive, flexible and easy-to-learn UIs.


According to Gartner's Julie Short, "The overall market is improving its strategy to deliver business outcomes, as demonstrated by the many inquiries Gartner receives from clients on this topic."

If you have seen last years past MQ analysis you can find it here: http://www.mikethearchitect.com/2012/11/gartner-enterprise-architecture-tools-magic-quadrant-2012.html

What you will notice is that this space is starting to solidify more. Int he MQ shown below you will see Avery crowded "visionary" quadrant. This year there acre some clear differences.

 

Overall the 2013 MQ looks a bit more refined and clearer on the differences in the Enterprise Architecture tool landscape. The criteria and the rational also seems a bit more susynced.

If you would like a full copy of the report, Troux is providing a complementary copy found below:


 

Hijacking of AV firms’ websites may be linked to hack on Network Solutions

At least three high-profile websites that receive services from Network Solutions have been hijacked in recent days in attacks that are prompting speculation that the compromises are the result of a security lapse inside the popular domain registrar and Web host.

Competing antivirus providers Avira and AVG are confirmed to have been hit, as was messaging software developer Whatsapp. Alexa and Redtube have also been reported to be struck by the same attackers, although that claim wasn't verified. All five websites rely on services from Network Solutions, which is owned by Web.com. At least some of the victims report losing control of the domain name system (DNS) servers used to route Internet traffic, a lapse that made it possible for hackers to redirect e-mail and Web traffic to malicious servers.

"It appears that our account used to manage DNS records registered at Network Solutions has received a fake password-reset request which was honored by the provider," Avira officials wrote in a blog post published Tuesday. "Using the new credentials, the cybercriminals have been able to change the entries to point to their DNS servers."

Read 4 remaining paragraphs | Comments


    






Secure This: A Website Security Company That Doesn’t Care About Security

One of the biggest problems we see with improving the security of websites is that while basic security measures are often not being taken, security companies are trying sell security services that are not actually needed for most websites. We often see the negative impact of this as people contact us about cleaning up websites and they think they need those types of services because those other companies are pushing the services, while they don’t want to make sure that basic security measures that will actually protect their website are done. A possible explanation of why the companies push those services is that many security companies don’t understand or don’t actually care about security.

Yet another example of this that we came across is Secure This, which is company that wants to sell you automated vulnerability scanning for various software, including Joomla. You average Joomla based website doesn’t need this because the software in use would have already been tested against these automated scanners and any security vulnerabilities that are going to be found would not be spotted by them. What you instead want to do is to make sure that you keep the software up to date so that when security vulnerabilities are found you are protected with the latest version of the software. The importance of keeping Joomla and extensions up to date isn’t just our advice; Joomla says that is keeping them updated is one of the “most important guidelines” for keeping your website secure. Secure This doesn’t feel they need to do that with their website though:

Secure THis is Running Joomla 3.1.1The latest version of Joomla 3.x, 3.1.5, included a fix for Critical Priority security vulnerability, so if Secure This cared about the security of their own website they would have made sure to upgrade promptly in August, when 3.1.5 was released.

If you don’t want to handle keeping Joomla updated you can hire us to do it for you.

Microsoft Patch Tuesday – October 2013

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing eight bulletins covering a total of 26 vulnerabilities. Sixteen of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the October releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-Oct

The following is a breakdown of the issues being addressed this month:

  1. MS13-087 Vulnerability in Silverlight Could Allow Information Disclosure (2890788)

    Silverlight Vulnerability (CVE-2013-3896) MS Rating: Important

    An information disclosure vulnerability exists in how Silverlight handles certain objects in memory.

  2. MS13-080 Cumulative Security Update for Internet Explorer (2879017)

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3871) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3872) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3873) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3874) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3875) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3882) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3885) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3886) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3893) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

    Internet Explorer Memory Corruption Vulnerability (CVE-2013-3897) MS Rating: Critical

    A remote code execution vulnerability exists when Internet Explorer improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

  3. MS13-082 Vulnerabilities in .Net Framework Could Allow Remote Code Execution (2878890)

    OpenType Font Parsing Vulnerability (CVE-2013-3128) MS Rating: Critical

    A remote code execution vulnerability exists in the way that Windows parses specially crafted OpenType fonts (OTF). An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

    Entity Expansion Vulnerability (CVE-2013-3860) MS Rating: Critical

    A denial of service vulnerability exists in the .NET Framework that could allow an attacker to cause a server or application to crash or become unresponsive.

    JSON Parsing Vulnerability (CVE-2013-3861) MS Rating: Critical

    A denial of service vulnerability exists in the .NET Framework that could allow an attacker to cause a server or application to crash or become unresponsive.

  4. MS13-085 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2885080)

    Microsoft Excel Memory Corruption Vulnerability (CVE-2013-3890) MS Rating: Important

    A remote code execution vulnerability exists in the way that Microsoft Excel parses content in Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Microsoft Excel Memory Corruption Vulnerability (CVE-2013-3889) MS Rating: Important

    A remote code execution vulnerability exists in the way that Microsoft Excel parses content in Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

  5. MS13-086 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2885084)

    Memory Corruption Vulnerability (CVE-2013-3892) MS Rating: Important

    A remote code execution vulnerability exists in the way that the affected Microsoft Word software parses specially crafted files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    Memory Corruption Vulnerability (CVE-2013-3891) MS Rating: Important

    A remote code execution vulnerability exists in the way that the affected Microsoft Word software parses specially crafted files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

  6. MS13-084 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)

    Microsoft Excel Memory Corruption Vulnerability (CVE-2013-3889) MS Rating: Important

    A remote code execution vulnerability exists in the way that the affected Microsoft Office Services and Web Apps parse content in specially crafted files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

    Parameter Injection Vulnerability (CVE-2013-3895) MS Rating: Important

    An elevation of privilege vulnerability exists in Microsoft SharePoint Server. An attacker who successfully exploited this vulnerability could perform cross-site scripting attacks and run script in the security context of the logged-on user.

  7. MS13-083 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2864058)

    Comctl32 Integer Overflow Vulnerability (CVE-2013-3195) MS Rating: Critical

    A remote code execution vulnerability exists in the way that the Windows common control library handles allocating memory for data structures. The vulnerability could allow remote code execution if an attacker sends a specially crafted web request to an ASP.NET web application running on an affected system.

  8. MS13-081 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008)

    OpenType Font Parsing Vulnerability (CVE-2013-3128) MS Rating: Critical

    A remote code execution vulnerability exists in the way that Windows parses specially crafted OpenType fonts (OTF). An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

    Windows USB Descriptor Vulnerability (CVE-2013-3200) MS Rating: Important

    An elevation of privilege vulnerability exists when Windows USB drivers improperly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

    Win32k Use After Free Vulnerability (CVE-2013-3879) MS Rating: Important

    An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

    App Container Elevation of Privilege Vulnerability (CVE-2013-3880) MS Rating: Important

    An elevation of privilege vulnerability exists in the Windows App Container.

    Win32k NULL Page Vulnerability (CVE-2013-3881) MS Rating: Important

    An elevation of privilege vulnerability exists when the Windows kernel-mode driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

    DirectX Graphics Kernel Subsystem Double Fetch Vulnerability (CVE-2013-3888) MS Rating: Important

    An elevation of privilege vulnerability exists when the Microsoft DirectX graphics kernel subsystem (dxgkrnl.sys) improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

    TrueType Font CMAP Table Vulnerability (CVE-2013-3894) MS Rating: Critical

    A remote code execution vulnerability exists in the way that Windows parses specially crafted TrueType fonts (TTF). An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

More information on the vulnerabilities being addressed this month is available at Symantec's free SecurityFocus portal and to our customers through the DeepSight Threat Management System.