Tag Archives: against

Software Reviews | Computer Software Review

MSRP: $150.00


Bottom Line: Against standard malware, Webroot SecureAnywhere Business Endpoint Protection is an excellent product. But we found it has trouble detecting more bleeding-edge attacks, such as the newer scripting attacks. Still, with an excellent overall set of tools, Webroot is definitely worth checking out after this problem is patched.

Read Full Review

Software Reviews | Computer Software Review

MSRP: $150.00


Bottom Line: Against standard malware, Webroot SecureAnywhere Business Endpoint Protection is an excellent product. But we found it has trouble detecting more bleeding-edge attacks, such as the newer scripting attacks. Still, with an excellent overall set of tools, Webroot is definitely worth checking out after this problem is patched.

Read Full Review

CyberSight RansomStopper

Your antivirus or security suite really ought to protect you against ransomware, along with all other kinds of malware. There might be an occasional slipup with a never-before-seen attack, but those unknowns rapidly become known. Unfortunately, ex post facto removal of ransomware still leaves your files encrypted. That’s why you may want to add a ransomware protection utility to your arsenal. The free CyberSight RansomStopper stopped real-world ransomware in testing, but can have a problem with ransomware that only runs at boot time.

Similar Products

RansomStopper is quite similar to Cybereason RansomFree, Trend Micro RansomBuster, and Malwarebytes Anti-Ransomware Beta. All four are free, and all detect ransomware based on its behavior. Since they rely on behavior, it doesn’t matter whether the ransomware is an old, known quantity or a just-created zero-day attack. Like RansomFree, RansomStopper uses bait files as part of its detection methodology. However, RansomStopper hides its bait files from the user.

Getting Started

Installation went quickly in my testing. After the download, I completed the process by entering my first and last name and email address. Once I responded to the confirmation email, the product was up and running.

The product’s simple main window reports that “You are protected from ransomware.” Buttons across the bottom let you view security alerts, processes RansomStop has blocked, and processes you’ve chosen to allow. Another button lets you check for updates, if you didn’t select automatic updates during installation. Simple!

CyberSight also offers a business edition. Added features include email alerts, centralized administration, and detailed reports. The business edition costs $29.99 for a single license, though the price drops to as low as $10 per seat with volume licensing.

Ransomware Protection

When RansomStopper detects a ransomware attack, it terminates the offending process and pops up a warning in the notification area. Clicking the warning lets you see what file caused the problem. There’s an option to remove programs from the blocked processes list—along with a warning that doing so is a bad idea.

Waiting to detect ransomware behavior can sometimes mean that the ransomware encrypts a few files before termination. When I tested Malwarebytes, it did lose a few files this way. Check Point ZoneAlarm Anti-Ransomware actively recovers any encrypted files. In my testing, it did so for every ransomware sample. ZoneAlarm’s only error was one instance of reporting failure when it had actually succeeded.

For a quick sanity check, I launched a simple fake ransomware program that I wrote myself. All it does is look for text files in and below the Documents folder and encrypt them. It uses a simple, reversible cipher, so a second run restores the files. RansomStopper caught it and prevented its chicanery. So far so good.

Caution, Live Ransomware

The only sure way to test behavior-based ransomware protection is by using live ransomware. I do this very cautiously, isolating my virtual machine test system from any shared folders and from the internet.

This test can be harrowing if the anti-ransomware product fails its detection, but my RansomStopper test went smoothly. Like ZoneAlarm and Malwarebytes, RansomStopper caught all the samples, and I didn’t find any files encrypted before behavioral detection kicked in. Cybereason RansomFree did pretty well, but it missed one.

I also test using KnowBe4’s RanSim, a utility that simulates 10 types of ransomware attack. Success in this test is useful information, but failure can simply mean that the behavior-based detection correctly determined that the simulations are not real ransomware. Like RansomFree, RansomStopper ignored the simulations.

Boot-Time Danger

Keeping under the radar is a big deal for ransomware. When possible, it does its dirty deeds silently, only coming forward with its ransom demand after encrypting your files. Having administrator privileges makes ransomware’s job easier, but getting to that point typically requires permission from the user. There are workarounds to get those privileges silently. These include arranging to piggyback on the Winlogon process at boot time, or set a scheduled task for boot time. Typically, the ransomware just arranges to launch at boot and then forces a reboot, without performing any encryption tasks.

I mention this because I discovered that ransomware can encrypt files at boot time before RansomStopper kicks in. My own fake encryption program managed that feat. It encrypted all text files in and below the Documents folder, including RansomStopper’s bait text file. (Yes, that file is in a folder that RansomStopper actively hides, but I have my methods…)

I reverted the virtual machine and tried again, this time setting a real-world ransomware sample to launch at startup. It encrypted my files and displayed its ransom note before RansomStopper loaded. From my CyberSight contact I learned that they’re “testing several solutions” for this problem, and that an update in the next few weeks should take care of it. I’ll update this review when a solution becomes available.

RansomFree runs as a service, so it’s active before any regular process. When I performed the same test, setting a real-world ransomware sample to launch at startup, RansomFree caught it. Malwarebytes also passed this test. RansomBuster detected the boot-time attack and recovered the affected files.

To further explore this problem, I obtained a sample of the Petya ransomware that caused trouble earlier this year. This particular strain crashes the system and then simulates boot-time repair by CHKDSK. What it’s actually doing is encrypting your hard drive. Malwarebytes, RansomFree, and RansomBuster all failed to prevent this attack. RansomStopper caught it before it could cause the system crash—impressive! To be fair to the others, this one is not a typical file encryptor ransomware. Rather, it locks the entire system by encrypting the hard drive.

Querying my contacts, I did learn that boot-time ransomware attacks, including Petya, are becoming less common. Even so, I’m adding this test to my repertoire.

Other Techniques

Behavior-based detection, when implemented properly, is an excellent way to fight ransomware. However, it’s not the only way. Trend Micro RansomBuster and Bitdefender Antivirus Plus are among those that foil ransomware by controlling file access. They prevent untrusted programs from making any change to files in protected folders. If an untrusted program tries to modify your files, you get a notification. Typically, you get the option to add the unknown program to the trusted list. That can be handy if the blocked program was your new text or photo editor. Panda Internet Security goes even farther, preventing untrusted programs from even reading data from protected files.

Ransomware crooks need to take care that they’ll be able to decrypt files when the victim pays up. Encrypting files more than once could interfere with recovery, so most include a marker of some kind to prevent a second attack. Bitdefender Anti-Ransomware leverages that technique to fool specific ransomware families into thinking they’ve already attacked you. Note, though, that this technique can’t do a thing about brand-new ransomware types.

When Webroot SecureAnywhere AntiVirus encounters an unknown process, it starts journaling all activity by that process, and sending data to the cloud for analysis. If the process proves to be malware, Webroot rolls back everything it did, even rolling back ransomware activity. ZoneAlarm and RansomBuster have their own methods for recovering files. When the anti-ransomware component of Acronis True Image kills off a ransomware attack, it can restore encrypted files from its own secure backup if necessary.

Give It a Try

CyberSight RansomStopper detected and blocked all my real-world ransomware samples without losing any files. It also detected my simple hand-coded ransomware simulator. And it blocked an attack by Petya, where several competing products failed.

RansomStopper did exhibit a vulnerability to ransomware that only runs at boot time, but my sources say this type of attack is becoming less common, and CyberSight is working on a solution. Other free products had their own problems. RansomFree missed one real-world sample, and Malwarebytes let another sample encrypt a few files before its detection kicked in. RansomBuster fared worse, missing half the samples completely (though its Folder Shield component protected most files).

Check Point ZoneAlarm Anti-Ransomware remains our Editors’ Choice for dedicate ransomware protection. It’s not free, but at $2.99 per month it’s also not terribly expensive. If that still seems too steep, give the three free utilities a try, and see which one you like best.

Salesforce small-business customers can tap into AI, too

Salesforce competes against numerous boutique CRM, marketing and service-oriented cloud vendors catering to SMBs that don’t have the overhead Salesforce requires to do business. It might be argued that many SMBs don’t need all the bells and whistles Salesforce has to offer.

Marie Rosecrans, Salesforce’s senior vice president who leads SMB outreach, discussed at Dreamforce 2017 how SMBs can capitalize on the rich app and feature choices, as well as free training materials, that only Salesforce small-business customers can access.

What are the main challenges Salesforce small-business customers face that you’re trying to help solve?

Marie Rosecrans: One of the biggest challenges is just … time. They don’t have a lot of time. One of the things that we look to do as a technology vendor is save time by creating solutions that are easy to set up, easy to use and easy to scale. We get a lot of feedback from customers saying they want something they can set up immediately because they are so time- and resource-constrained.

With that simplicity in mind, and knowing that AI requires large data sets to derive usable insights, how can small businesses use Einstein, which is a complicated technology under the hood?

Rosecrans: One of the best tools we make available to all of our customers — but is most valuable to SMBs — is Trailhead. It’s a fun, easy, interactive way to learn. It gives everyone access to a lot of information and knowledge, and I would use that as a starting point to get educated around what you need as a small business. It’s not just for Salesforce; it’s, ‘What should I be considering as a small business around investing in CRM?’

Marie Rosecrans, Salesforce small-business leadMarie Rosecrans

Artificial intelligence is a topic that is getting a lot of momentum these days. I think small businesses feel daunted by the whole notion of AI. We launched a product called Essentials for folks just dipping their toe into CRM. We have incorporated elements of artificial intelligence directly into Essentials to help SMBs realize the benefits of that. As our customers work in email and calendars, all of that info is being captured into their CRM without data entry. That’s AI at work for them, right away.

There have been some low-code/no-code do-it-yourself Salesforce app-building tools released earlier this year and more announcements here. Is that feasible for Salesforce small-business customers? At the same time, might that cut into longtime partnerships Salesforce has with app developers who connect with SMBs?

As our customers work in email and calendars, all of that info is being captured into their CRM without data entry. That’s AI at work.
Marie Rosecranssenior vice president for SMB outreach at Salesforce

Rosecrans: Salesforce started as an SMB. SMBs have been core to our company, and so we keep that user experience top of mind. I absolutely agree that small businesses should be looking at low-code/no-code, declarative programing as a solution to accelerate their technology investments.

No two small businesses are alike. Each has its unique business challenges that they are looking to solve. One of the things that we look to make available to all of our customers is the AppExchange, the world’s largest business applications marketplace.

Finding, winning and keeping customers aren’t the only business challenges that small businesses have. So, by making the AppExchange available, we know there are going to be partner solutions out there that may more specifically fix or solve [those] business challenges. We want small businesses to use or embrace technology, because that will set them along that growth path.

Botched ERP implementation project leads to National Grid lawsuit

National Grid, an electric and gas utility company, has filed a lawsuit against IT services provider Wipro Ltd., alleging it delivered an ERP implementation project “that was of virtually no value to National Grid.” It said the contractor was paid $140 million for its work.

This lawsuit, filed Dec. 1 in the U.S. District Court in New York, described a series of problems with an SAP deployment. 

For instance, National Grid alleged the “new SAP system miscalculated time, pay rates and reimbursements, so that employees were paid too little, too much or nothing at all.” 

With respect to the supply chain functions, the ERP implementation project “devastated” the utility’s procurement, inventory and vendor payment processes. Two months after going live, “National Grid’s backlog of unpaid supplier invoices exceeded 15,000, and its inventory record keeping was in shambles.”

Wipro, a global IT services provider based in India, with about $8.5 billion in revenue and nearly 170,000 employees, quickly refuted the lawsuit’s allegations in a securities filing.

“National Grid has been a valued customer of Wipro in the U.S. and U.K. for several years,” the firm said in its filing. “Wipro strongly believes that the allegations misstate facts and the claims are baseless. Wipro will vigorously contest the allegation in court.”

Wipro said the ERP implementation project began in 2009 and had multiple vendors. The provider said it joined the project in 2010, and “the post go-live process was completed in 2014.”

“During the course of this ERP implementation project, National Grid gave Wipro many positive evaluations. Wipro also received an award from National Grid U.S. with respect to this project in 2014,” the firm said in its statement. 

It is not unusual to see a large ERP project end up in court. Earlier this year, MillerCoors filed a lawsuit against IT services firm HCL Technologies, an India-based IT services firm, over problems relating to a $100 million ERP implementation.

MillerCoors, in court papers, accused HCL of failing to provide leadership and to adequately staff the project. In its counterclaim, HCL said MillerCoors’ leadership team “did not understand the operations of their own business.”

National Grid is a multinational firm that provides utility services in the U.K. and in Massachusetts, New York and Rhode Island. The ERP deployment project began with the goal of upgrading back-office systems that run financials, HR, supply chain and procurement.

National Grid alleged that Wipro designed an “overly complex” SAP project.

“Rather than taking advantage of certain design and configuration options available within the out-of-the-box SAP software to minimize system complexity and reduce risk, Wipro’s inexperienced consultants engaged in excessive customization of the base SAP system,” according to the lawsuit.

The lawsuit claimed by September 2013, the continuing efforts to stabilize the new SAP system were costing approximately $30 million per month, totaling over $300 million.

National Grid did not respond by press time to a request for comment about the current usefulness of its SAP system.

Yahoo data breach hacker pleads guilty to cybercrime charges

A Canadian hacker pleaded guilty to the charges made against him following his involvement in the 2014 Yahoo data breach.

Karim Baratov is one of four men indicted and accused of being behind the Yahoo data breach that affected 3 billion user accounts. The other three men are still at large in Russia with no expectation that they will be extradited. Two of the three are officers in the Russian Federal Security Service and the other is a known hacker who is already wanted in the United States on other charges.

Baratov admitted to his involvement in the Yahoo data breach, which included hacking more than 11,000 webmail accounts from 2010 until his arrest earlier this year. He advertised on a Russian hacker-for-hire website and said he mostly spear phished his victims by sending them emails that linked to legitimate-looking websites where they would be prompted to provide their username and password. Once he received payments from his customers, Baratov would then send them the victims’ credentials.

In the case of the Yahoo data breach, Baratov pleaded guilty to one count of violating the Computer Fraud and Abuse Act by stealing information off of protected computers and causing damage to them. He also pleaded guilty to eight counts of aggravated identity theft.

“This case is a prime example of the hybrid cyber threat we’re facing, in which nation states work with criminal hackers to carry out malicious activities,” said Paul Abbate, the FBI’s Executive Assistant Director of Criminal, Cyber, Response and Services in a press release. “Today’s guilty plea illustrates how the FBI continues to work relentlessly with our private sector, law enforcement and international partners to identify and hold accountable those who conduct cyberattacks against our nation, no matter who they’re working with or where they attempt to hide.”

Baratov was arrested in Canada in March 2017 and indicted shortly after.

“The illegal hacking of private communications is a global problem that transcends political boundaries,” said Brian Stretch, U.S. Attorney for the Northern District of California. “Cybercrime is not only a grave threat to personal privacy and security, but causes great financial harm to individuals who are hacked and costs the world economy hundreds of billions of dollars every year. These threats are even more insidious when cyber criminals such as Baratov are employed by foreign government agencies acting outside the rule of law. With the assistance of our law enforcement partners in Canada, we were able to track down and apprehend a prolific criminal hacker who had sold his services to Russian government agents. This prosecution again illustrates that we will identify and pursue charges against hackers who compromise our country’s computer infrastructure.”

Baratov is being held in California without bail and is scheduled to be sentenced in February 2018.

In other news

  • A group of NATO allies are considering using offensive cyberattack measures in response to the growing threat of state-sponsored cyberwarfare. The U.S., Britain, Germany, Norway, Spain, Denmark and the Netherlands are looking to come to an agreement by 2019 on cyberwarfare principles for the military use of cyberattacks. Currently, NATO uses only defensive measures to deal with cybercrime, but recently cyberthreats have become a bigger priority for the organization as state-sponsored cyberattacks have played a bigger role in international relations. “There’s a change in the (NATO) mindset to accept that computers, just like aircraft and ships, have an offensive capability,” U.S. Navy Commander Michael Widmann told Reuters. This follows a move by the organization earlier this year to establish cyber as a military domain and join the ranks of land, air and sea — meaning that a cyberattack on one NATO ally would mean an attack on all NATO allies.
  • The China-based security research company Qihoo 360 Netlab has issued an early warning of a new variant of the Mirai malware that is spreading quickly on port 23 and 2323. Starting Nov. 22, Netlab wrote in a blog post, “we noticed big upticks on port 2323 and 23 scan traffic, with almost 100k unique scanner IP came from Argentina (sic). After investigation, we are quite confident to tell this is a new mirai variant (sic).” The researchers wondered whether this new attack was focusing on specific types of internet of things devices, similar to what happened in the 2016 Mirai attack on Deutsche Telekom, which took down the internet for approximately 1 million customers of the German telecom. The Mirai botnet attacks, and several variants after them, have plagued IoT devices globally since 2016.
  • According to an investigation by the Associated Press (AP), the FBI failed to notify U.S. government officials that they were targeted by the Russian hacking group Fancy Bear, despite having the information for the last year. AP received a list from cybersecurity firm SecureWorks of targeting data and was able to identify 500 U.S. targets on this list. Of the 500, AP contacted 190 of them and interviewed 80. Of those contacted, only two were notified by the FBI that they were targets. Even some senior officials were only informed that they were targeted by Fancy Bear when AP contacted them. According to AP, there is an FBI policy that says the Bureau should notify victims of ongoing and future hacking attempts as a means of protection. Many of the U.S. officials targeted by the Fancy Bear attacks had their email accounts compromised and inboxes posted on the DCLeaks website.

NetApp customers, partners press on after Las Vegas shooting

LAS VEGAS — Against the backdrop of a mass shooting here, NetApp customers and others attending the vendor’s annual Insight conference were understandably subdued. NetApp said about 4,000 people showed up for the event at Mandalay Bay Resort and Casino, but that is about half the anticipated attendance.

Many of the shows attendees returned home with memories of experiencing terror up close on the Las Vegas Strip. They saw SWAT teams on the street and in the air, and a stream of ambulances carrying gunshot victims. They were scared by rumors of more shooters as they scrambled to connect with co-workers and were forced to leave — or stay in — their hotel rooms for hours during a citywide lockdown.

NetApp Insight resumes, but ‘melancholy’ mood prevails

NetApp postponed its kickoff event originally scheduled for Monday. When NetApp Insight opened on Tuesday, NetApp customers and partners at the show said they struggled to go on with business as usual.

 “The mood here is very melancholy. People are looking around, more concerned about security,” said Tony Phan, a storage engineer at eBay, which he describes as a “big NetApp shop.”

On Sunday, Oct. 1, on the eve of NetApp Insight, a gunman identified by police as 64-year-old Stephen Paddock opened fire from his suite at the Mandalay Bay hotel. He killed 59 people and wounded hundreds more at an outdoor concert. Paddock later was found dead in the hotel room.

Las Vegas was placed on lockdown for the next 24 hours, with McCarran International Airport and Interstate 15 shut down, and major arteries in and out of the city blocked.

Phan arrived for Insight at 10 p.m. Sunday, at roughly the same time police say the shooting started. Phan had booked a room at New York-New York Hotel and Casino, about three blocks south of Mandalay Bay, and arrived shortly after reports of a second gunman inside his hotel.

“People were running through the lobby yelling, ‘There’s a shooter, there’s a shooter.’ It turned out to be false. There was no [second] shooter, but it was just chaos. People were panicking everywhere,” Phan said.

A SWAT helicopter descended around New York-New York to investigate the reports of a second shooter, and other SWAT officers appeared on the ground on the Las Vegas Strip.

A second helicopter hovered above the rooftops of MGM Resorts, following more erroneous reports of another gunman. Taking no chances, teams of armed police officers methodically conducted floor-by-floor searches of each hotel. Even after an “all clear” was given, those inside the hotels were not permitted to leave for several more hours.

As the helicopters whirred above, a stream of ambulances howled down Las Vegas Boulevard for the better part of two hours, ferrying shooting victims to nearby hospitals. A manager at the Tropicana Las Vegas resort offered the hotel’s luggage racks to serve as makeshift gurneys, transporting shooting victims to a hastily arranged triage area.

NetApp has a large on-site team to help coordinate the events at Insight. Several team members said they, like thousands of other visitors, were stranded in the aftermath of the shooting. Two team members were having dinner at Mandalay Bay when they suddenly were forced to evacuate. They hid in a cinema until 6:30 Monday morning.

A NetApp executive said she arrived at her hotel around 10:30 Sunday night, only to receive a flurry of texts from colleagues asking if she was safe. Then, she couldn’t find those same colleagues.

A bomb threat at the Luxor Resort and Casino put that facility on lockdown and heighted anxiety, although it proved to be a false alarm. The Luxor adjoins Mandalay Bay and is connected via a walkway.

‘Thought it was fireworks’

Among the NetApp customers to remain was Scott Stockton of Polsinelli PC law firm in Kansas City, Mo. Stockton, a Polsinelli systems engineer, said he heard a series of pops that he associated with the Route 91 Harvest music festival across the street from Mandalay Bay.

“I heard the shots, but I thought it was fireworks,” Stockton said, echoing a description used by survivors who attended the concert.

Stockton said he considered leaving Las Vegas on Monday, but decided to stick it out to show support for NetApp.

“I think they acted appropriately. They postponed the first day to give people time. We’re all here to learn; that’s why we come. We all have to keep going,” Stockton said.

The U.S. Navy uses a lot of NetApp storage gear, which is why Angel Pereira made the trip from Fort Bragg, N.C., to Las Vegas. Pereira, an integration systems specialist with U.S. Navy, learned of the shooting when a colleague called his cellphone to check on him.

“I was asleep in my hotel. I didn’t even know what had happened until everything was all over,” Pereira said, adding that he never considered leaving NetApp Insight.

“I was already here. I probably would have come anyway [even after the shooting]. You just have to keep going on. You can’t stop,” Pereira said.

NetApp customers and employees weren’t the only ones in attendance struggling to cope. Mike Brooks, a local freelance stagehand hired to work the event, heard about the shooting on the news, shortly before leaving Sunday to help with setup for Insight. Brooks did not leave for Mandalay Bay until Monday, only to turn around and go home after learning the resort was still locked down.

Brooks returned for Tuesday’s NetApp events, but said the Insight crowd was far below what he’s used to seeing at other Las Vegas conferences.

People are trying to move forward, he said, but it is difficult.

 “You can tell people don’t want to talk about [the shooting]. If you bring it up, there’s this awkward pause as people ty to change the subject,” Brooks said.

Oracle HCM Cloud AI, UX, analytics unveiled at Open World 2017

SAN FRANCISCO — Against the backdrop of the Oracle Open World 2017 conference, the software giant unveiled upgrades to its Oracle HCM Cloud system, adding artificial intelligence, analytics and user experience capabilities.

The announcement came as Oracle extended its concerted push into the cloud by further automating with new algorithms the Oracle HCM Cloud software-as-a-service suites.

The moves around artificial intelligence (AI) dovetail with a general progression in HR technology toward tools that make core HCM and specialized HR software, such as recruiting, more intuitive and more capable of applying advanced analytics to HR data storehouses.

The AI and user experience functionalities are part of a new release of Oracle HCM Cloud: Oracle Cloud Applications Release 13. Also included are new recruiting, workforce health and safety management and governance, risk and compliance modules.

“The latest additions to Oracle HCM Cloud incorporate simple but powerful features that enable organizations to leverage the latest innovations to anticipate and plan for the future,” Chris Leone, senior vice president, Oracle Applications Development, said in a release. “By combining innovations in artificial intelligence and user experience with major enhancements to core HR modules, we are able to help HR leaders drive digital transformation and positive business outcomes.”

HR tech analyst Holger Mueller, of Constellation Research, said the Oracle news was “more than Oracle has released in years.”

Mueller noted that Oracle added native recruiting to further integrate its HCM suite and that the company is trying to make its talent management technology work better.

“And AI is always key these days, though it’s less than I’d like to see yet,” Mueller said.

Noting additions such as for volunteering, Mueller said, “It’s good to see innovation across the portfolio.”

He also said it will be interesting to see how users of Oracle’s Taleo talent management system will react to the company’s new moves in that area.

Keeping up with innovations

Meanwhile, HR tech analyst Brian Sommer said that with the Oracle HCM Cloud play, Oracle appears to be trying to keep pace with innovations around AI and chatbots in HR recruiting software.

Now they’ve added this chatbot capability … for job candidates trying to navigate all the available positions. It’s kind of nice, but it just maintains competitive parity.
Brian Sommerfounder, TechVentive Inc.

Sommer also noted that Oracle has previously included AI components in career development and learning modules.

“So, now they’ve added this chatbot capability … for job candidates trying to navigate all the available positions,” said Sommer, founder of the tech consulting firm TechVentive Inc. “It’s kind of nice, but it just maintains competitive parity.”

Sommer said the new Oracle HCM Cloud algorithmic capabilities for HR hiring managers to help screen candidates could be a significant move, but it was unclear if Oracle had corrected for existing biases in employment data sets.

“I hope they’re going to open up the black box around the algorithms to make it incredibly transparent and make it tailorable for customers to adjust as the algorithms and the recruiting operation get more savvy,” he said.

As for the UX capabilities, Sommer said all major HR tech vendors need to revamp and upgrade user interfaces and usability to stay competitive, and Oracle appears to have met those aims with this release of Oracle HCM Cloud.

HCM part of broader outlook

As Oracle unveiled the Oracle HCM Cloud updates, Mark Hurd, the company’s CEO, said in a keynote that Oracle is responding to a rapidly changing global economy with technology accelerating and countries’ gross domestic products stagnant, but consumer spending and expectations high.

The Oracle HCM Cloud announcement came during the height of the run-up to the HR Technology conference, the biggest U.S. HR tech show, which starts Oct. 10 in Las Vegas.

Two major native HR tech vendors in the HT tech space, Ceridian and Workday, are holding their annual user conferences in the same time frame. These Oracle competitors and others traditionally also release what they consider significant product upgrades or sometimes new products at the events.

The Workday Rising 2017 conference is Oct. 9-12, overlapping with the HR Technology show. Ceridian’s Insights customer forum is Oct. 2-6.

Smaller but still influential HR tech vendors such as SmashFly and Entelo are also competing vigorously in the recruiting arena against Oracle and other HCM suite vendors, Sommer said. Some of Oracle’s moves are more of a reaction to them than to the bigger vendors, he added.

Oracle said the new release of Oracle HCM Cloud also includes new applications for:

  • recruiting, with stronger sourcing and wider recruiting capabilities;
  • workforce health and safety, management; and
  • governance, risk and compliance.

The company also said additions to existing modules include:

  • software to help employees who want to volunteer;
  • knowledge management tools to improve the Oracle HR Help Desk Cloud; and
  • a continuous employee feedback function.

Antimalware tools can impair Windows container performance

Antivirus and many antimalware tools operate by scanning files against a database of known threats and often perform…


* remove unnecessary class from ul
$(“#inlineregform”).find( “ul” ).removeClass(“default-list”);

* Replace “errorMessageInput” class with “sign-up-error-msg” class
function renameErrorMsgClass() {
$(“.errorMessageInput”).each(function() {
if ($(this).hasClass(“hidden”)) {
$(this).removeClass(“errorMessageInput hidden”).addClass(“sign-up-error-msg hidden”);
} else {

* when validation function is called, replace “errorMessageInput” with “sign-up-error-msg”
* before return
function validateThis(v, form) {
var validateReturn = urValidation.validate(v, form);
return validateReturn;

* DoC pop-up window js – included in moScripts.js which is not included in responsive page
$(“#inlineRegistration”).on(“click”,”a.consentWindow”, function(e) {
window.open(this.href, “Consent”, “width=500,height=600,scrollbars=1”);

additional heuristic analysis of those files for potentially unknown threats. In a typical bare-metal or virtualized system, the process of file scanning can take some time and possibly impact workload performance. But malware scanning can pose an even greater performance impact for a system hosting containers.

The problem is shared components. Containers are built from a series of components or layers, such as the Windows base OS package. Those components or layers are typically shared between containers using placeholders — called reparse points — to compose each isolated container. When placeholders are read, the reads are redirected to the underlying component. If a container modifies a component, the placeholder is replaced with the modified component.

However, most antimalware tools operate above this level and never see the redirection taking place. Therefore, they have no way of knowing which container components are placeholders and which are modified. As a result, a scanning process can wind up rescanning the same underlying components for every container. This can cause a significant amount of redundant scanning on a host system with many containers. The result is reduced container performance because the same components are getting scanned far more often than they need to be.

It might be possible to avoid redundant scanning by helping antimalware tools “see” whether the container components are placeholders or modified — new — elements. Administrators can modify a container volume by attaching a specific extra create parameter to the Create CallbackData flag that receives placeholder information and then checking the ECP redirection flags. If the ECP indicates that a file was opened from a remote or registered layer, antimalware tools can skip the scan. If the ECP indicates that a file was opened from a local package or scratch layer, antimalware tools can scan normally.

Microsoft documentation provides additional details and instructions for this antimalware scanning workaround.

Next Steps

Learn about antimalware protection and endpoint security

Secure each layer of the container stack

Ensure container isolation and prevent root access

Dig Deeper on Application virtualization

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever’s puzzling you.