Blog Posts Tagged with "Network Security Monitoring"

A88973e7d0943d295c99820ab9aeed27

Tackling Modern Malware

August 15, 2012 Added by:Simon Heron

With conventional antivirus products, their signature bases are never completely up to date. When a new infection emerges, it simply roams freely across all endpoints. Conversely, WSA leverages behavioural monitoring to pick up infections when it isn’t sure whether a file is malicious or not...

Comments  (0)

Cb9aade927a0abf5b0bbdd2a4aaf8716

Leveraging Regular User Accounts to Achieve Compromise

July 31, 2012 Added by:Jake Garlie

One of the more common ways pentesters break in to networks is by leveraging regular user accounts which have been compromised. They can be used in various ways to compromise systems, data, applications, and more. Once valid user accounts are obtained, using them throughout the network rarely triggers any alarms...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Information Security, Hackers, and Vigilance

July 30, 2012 Added by:Tripwire Inc

The bottom line: Attackers are always looking for mistakes, outliers, and inconsistencies so they can use them against you. This means your security programs need to be robust, resilient, measurable, and – as much as possible – consistent (vs. ad hoc)...

Comments  (0)

7c5c876d1933023ac375eead04302e1a

You Shouldn't Train Employees for Security Awareness: Rebuttal

July 23, 2012 Added by:Boris Sverdlik

I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?

Comments  (2)

Bd07d58f0d31d48d3764821d109bf165

What Actions Do Your Security Metrics Promote?

July 12, 2012 Added by:Tripwire Inc

“It is possible to focus on a single metric and drive it up or down, but wreak havoc on the organization through unintended side effects. Some organizations have to deal with some people “gaming the metrics”, which again can lead to unintended side effects. Other organizations use metrics as a way to begin a conversation..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Join Infosec Island and Tripwire at Black Hat USA 2012

July 10, 2012 Added by:Infosec Island Admin

Black Hat remains the biggest and the most important technical security conference series in the world by delivering timely, actionable security information in a vendor-neutral environment. Infosec Island would like to extend a special thanks to Tripwire for making possible our presence at the event...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Cyberoam DPI Vulnerability Alarms Tor Project

July 10, 2012 Added by:Pierluigi Paganini

Tor Project found a vulnerability in Cyberoam DPI where all share the same digital certificate and the private key is the same for every device. The implications are serious, as it could be possible to catch traffic from any user by extracting the key and importing it into other DPI devices for interception...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Detecting Unknown Application Vulnerabilities "In Flight"

July 10, 2012 Added by:Rafal Los

While you certainly can use velocity and frequency to detect attacks against a web application, high frequency doesn't always mean an attack or that a vulnerability is present. But, it is a fallacy to assume that a component needs to have a high frequency or velocity to signal targeting by an attacker....

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Are Your Security Metrics “Top Five" Worthy?

July 09, 2012 Added by:Tripwire Inc

In conversations with infosec executives, a common question is “What should I really be measuring?,” or they make comments like “I report on a lot of things, but I am not sure what the top security indicators are that I should roll up to my executive team.” Here are the five characteristics of effective metrics...

Comments  (1)

B64e021126c832bb29ec9fa988155eaf

The Five Most Important Reasons to Perform Network Auditing

June 21, 2012 Added by:Dan Dieterle

Network auditing may sound like an arduous task but, with the right tools and the right approach, it can be an easy to perform and critical aspect of your network management. If you are not yet performing regular network auditing, use these five important reasons to convince management it’s time to start...

Comments  (3)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Increasing Logging Capabilities

June 21, 2012 Added by:Infosec Island Admin

System and network device logs provide valuable records of system activity. Logs may yield indicators of compromise, C2 communications, exfiltrated data, remote access logons, and other valuable data. Organizations should consider enabling the following types of logging...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Thirteen Tips to Secure Your Virtual Machine Environment

June 14, 2012 Added by:Brent Huston

Virtual environments are becoming more popular, enabling multiple OS environments and providing disaster recovery solutions. Safeguarding your virtual environment is vital, though it doesn’t have the same issues as a physical environment. Here are a few tips to keep things running smoothly...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Detection and Mitigation Recommendations

June 06, 2012 Added by:Infosec Island Admin

While it might seem reasonable to find and eliminate the intruder on a machine-by-machine basis as compromised hosts are identified, unless the response execution prevents lateral movement of the adversary across the network, the cleanup process will likely not succeed...

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Keeping Technology Staff Honest

June 05, 2012 Added by:Jayson Wylie

Technology staff, on occasion, have had an all-access pass to all data on Window’s networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

NoOps and the Role of Infosec in Software Development

May 23, 2012 Added by:Rafal Los

The NoOps approach to software provides an opportunity to tightly integrate security, but we've got to get it right. If you can implement security during these cycles, spend time analyzing how workstreams will flow and what tools will be used to standardize and automate...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Logging: Opening Pandora's Box - Part 3 - Paralysis

May 17, 2012 Added by:Rafal Los

Paralysis can come from over-dependence on analysis. You've heard the term "analysis paralysis" where someone spends so much time trying to make the perfect decision while factors change that ultimately no decision is made before the deadline passes or some event happens...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »