Blog Posts Tagged with "Network Security Monitoring"


Three Compliance Trends to Watch in 2015

January 26, 2015 Added by:Mav Turner

Continuous compliance involves constantly reviewing processes and quickly making any necessary updates as a result of deviations from their intended performance. However, despite the fact that continuous compliance is effective at eliminating the gaps between compliance and security, it also greatly increases the complexity of managing compliance.


Automatic security response: What will it take for you to trust it?

November 13, 2012 Added by:Tripwire Inc

We need to evolve our security capabilities to a point where both the detection and the countermeasures can be automated and automatic. That is the only way we’ll get fast enough to prevent or at least significantly limit the damage from unexpected attacks. The problem? We don’t tend to trust automation...


Protection Tax

October 25, 2012 Added by:Tripwire Inc

Unfortunately, you don’t know what you don’t know. You don’t know what your security posture looks like between scans, you don’t know what configuration-related exploit or breach indicators you might be missing. In today’s security-is-just-an-illusion environment, getting visibility and knowledge is everything...


Network Surveillance Devices Discovered via Shodan

September 20, 2012 Added by:shawn merdinger

It’s no secret that Shodan has turned up some interesting findings over the years. Now, we can add surveillance devices like BlueCoat Proxy and PacketShaper boxes, Cisco routers running Lawful Intercept code and various vendors’ CALEA Mediation Devices to what savvy researchers can find...


Detecting Window Stations and Clipboard Monitoring Malware with Volatility

September 19, 2012 Added by:Michael Ligh

Explore undocumented Windows kernel data structures related to window station objects and the clipboard. Detect clipboard-snooping malware using Volatility - an advanced memory forensics framework...


Practical Packet Analysis

September 18, 2012 Added by:Jayson Wylie

This book details topics and features to help analyze traffic issues and identify potential problematic points to improve performance and verify the valid flow of common network communications that can help differentiate the good traffic from the bad...


How to Fake Network Security Monitoring

September 13, 2012 Added by:Javvad Malik

You’re the new guy in the security ops team, they’re giving you a very crucial and important job… Monitoring. You’ll be told how it is essential to be done correctly. But you notice that nobody really shows any interest in doing it. There are two reasons for this...


Real World Information Security

September 05, 2012 Added by:Tripwire Inc

Alex uncovered a poorly designed web page and convinced it to give up its secrets. What followed was a quick RDP war trying to plant our backdoor. I found myself with root level access having blasted away at it using Metasploit and uncovered several Easter eggs instructors had planted...


Is Packet Capture Critical? Heck Yes...

September 04, 2012 Added by:Richard Stiennon

Beaconing detection is a feature in the fastest growing security solutions in the market. I am tracking most of these vendors at 100% annual growth rates, a sure sign of a trend. Intelligent packet capture is a must-have technology in every cyber defense armament...


Whitelisting Traffic: A practical Exercise for Network Defenders

September 04, 2012 Added by:Johannes Ullrich, Ph.D.

Host-based intrusion detection has seen some significant advances and it has come to encompass a lot more than what we currently understand as "anti-virus" or "anti-malware". All too often we still mirror network-based intrusion detection and are looking for signatures of "badness"...


The Deep Web vs. Network Security Monitoring

August 31, 2012 Added by:Dan Dieterle

The “Deep Web”, Dark Web or hidden internet, is a massive collection of sites and databases that don’t show up in standard search engines. So, is this a place that you want ANYONE on your corporate network to visit? NO WAY. Though many use Tor for legitimate purposes, the deep web just isn’t that kind of place...


Lessons for CEOs from the Saudi Aramco Breach

August 27, 2012 Added by:Jeffrey Carr

Most security operations centers are monitoring for an APT-style attack and their defensive tactics are geared towards interrupting it by use of an "intrusion kill chain". The attack on Saudi Aramco didn't fit this model, and hence would have been completely missed by most of the world's largest companies...


Threat Intelligence: Plenty Out There, But Are You an Analyst?

August 27, 2012 Added by:Infosec Island Admin

As the complexity of attacks grows at a rate outstripping the pace of Moore's Law, defenders have to take up a more nuanced approach to protecting their environments. Reliance on technical solutions alone is not tenable, you have to look at the creature behind the keyboard to get a better picture of the attack...


False Flags, Geopolitics and Cyber Spies

August 22, 2012 Added by:Rafal Los

False flag is when an operation of some kind is carried out by one group but falsely attributed to another. Whether it's a rogue attacker attributing an attack to a rival group or a nation-state attempting to cause tensions between rival nations for their own benefit - the conspiracy theories write themselves...


Network Exposure and Healthcare Privacy Breaches

August 20, 2012 Added by:Danny Lieberman

EHR interconnected with HIE systems have a big threat surface, because of big, very complex software systems with a large number of attacker entry points. Healthcare system vulnerabilities are compounded since everyone is using the same technology from Microsoft and following the same HIPAA compliance checklists...


Is Your IT Posture that of a Protector, a Detective, or a Warrior?

August 19, 2012 Added by:Richard Stiennon

The attackers are going to breach your network to get what they want. The question is: how fast can you discover an intrusion, figure out what the attacker is after, stop the attack, clean up – and prepare for their return? After all, motivated attackers will be back...
