Blog Posts Tagged with "SIEM"
The Search for Infosec Minds
November 01, 2012 Added by: Ian Tibble
Since the early 2000s, I have commented in different forms on the state of play, with a large degree of cynicism, which was greeted with cold reservation, smirks, grunts, and various other types of un-voiced displeasure, up to around 2009 or so. But since at least 2010, how things have changed...
Comments (0)
Real World Information Security
September 05, 2012 Added by: Tripwire Inc
Alex uncovered a poorly designed web page and convinced it to give up its secrets. What followed was a quick RDP war trying to plant our backdoor. I found myself with root level access having blasted away at it using Metasploit and uncovered several Easter eggs instructors had planted...
Comments (0)
Is Packet Capture Critical? Heck Yes...
September 04, 2012 Added by: Richard Stiennon
Beaconing detection is a feature in the fastest growing security solutions in the market. I am tracking most of these vendors at 100% annual growth rates, a sure sign of a trend. Intelligent packet capture is a must-have technology in every cyber defense armament...
Comments (1)
Detecting Unknown Application Vulnerabilities "In Flight"
July 10, 2012 Added by: Rafal Los
While you certainly can use velocity and frequency to detect attacks against a web application, high frequency doesn't always mean an attack or that a vulnerability is present. But, it is a fallacy to assume that a component needs to have a high frequency or velocity to signal targeting by an attacker....
Comments (0)
Logging: Opening Pandora's Box - Part 3 - Paralysis
May 17, 2012 Added by: Rafal Los
Paralysis can come from over-dependence on analysis. You've heard the term "analysis paralysis" where someone spends so much time trying to make the perfect decision while factors change that ultimately no decision is made before the deadline passes or some event happens...
Comments (0)
Logging: Opening Pandora's Box - Part 2 - Elation
May 10, 2012 Added by: Rafal Los
Once you get over the anxiety of logging, a wave of elation generally hits. Whether you're getting excited about being able to catch evil-doers in the act, or the capability to notice system failures before they happen, logging can save your skin more than you'd think...
Comments (0)
Logging: Opening Pandora's Box - Part 1 - Anxiety
May 09, 2012 Added by: Rafal Los
You're probably worried that log analysis is going to consume all of your time, or you'll find out that your organization has been pwn3d for years and all your data has been exfiltrated in real-time and your latest database is being copied off to China... aren't you?
Comments (0)
Smart Grid Security, Challenges and Change
May 08, 2012 Added by: Larry Karisny
The cost and time of trying to become compliant with guidelines and standards will put smart-grid security years off before it can achieve any security solutions. There must be a way out of what people in the security business are now calling the "smart grid security circus"...
Comments (0)
ICS-CERT: Planning for a Cyber Incident?
May 08, 2012 Added by: Infosec Island Admin
Organizations without an existing incident response capability should consider establishing one. To aid control systems owners and operators, the CSSP has prepared a Recommended Practice: Developing an Industrial Control Systems Cybersecurity Incident Response Capability...
Comments (0)
Outsourcing SIEM and Log Analysis
April 29, 2012 Added by: Marc Quibell
What are the risks of MSSPs managing the detection and analysis of network activity data for your company? There are some events that, if detected early, may avert lawsuits, data breaches and other embarrassing or career-ending moments for a company...
Comments (4)
Wait, What? Someone Has to Look at Those Logs?
April 26, 2012 Added by: Jack Daniel
Monitoring the performance of your MSSP is cheap insurance- the last thing you want to face is a failure of your service and the need to rebuild an in-house program. You thought getting all that data pushed out to the MSSP was a pain- just imagine trying to get it back...
Comments (1)
A Tribute to Our Oldest and Dearest Friend - The Firewall
April 22, 2012 Added by: Ian Tibble
We have a lot of bleeding edge software and hardware products in security backed by fierce marketing engines which set unrealistic expectations. Out of all these products, the oldest carries the highest bang for our bucks - the firewall...
Comments (0)
Protecting Your Enterprise by Breaking It
April 20, 2012 Added by: Rafal Los
In a nutshell, if you (in information security) haven't broken things in your organization's networks, you're likely terribly unprepared for when things go wrong and thus are doing it wrong. Now, before you come all unhinged, read the rest of this post...
Comments (0)
Webinar: Reducing Visibility Costs with Unified Security Management
April 17, 2012 Added by: Infosec Island Admin
Webinar: Thursday, April 19, 2012 12:00 PM - 1:00 PM EST - Beyond improving your basic defenses, understand how unifying security management can maintain compliance and provide visibility into your infrastructure at a lower cost than traditional approaches...
Comments (0)
Reducing the Cost of Visibility with Unified Security Management
April 09, 2012 Added by: Infosec Island Admin
Webinar: Thursday, April 19, 2012 12:00 PM - 1:00 PM EST - Beyond improving your basic defenses, understand how unifying security management can maintain compliance and provide visibility into your infrastructure at a lower cost than traditional approaches...
Comments (0)
LIGHTS Webinar: Cybersecurity Across Critical Infrastructures
April 08, 2012 Added by: Chris Blask
LIGHTS is a private-private non-profit partnership which provides a collaborative space to promote cybersecurity situational awareness across critical infrastructures. The goal of LIGHTS is to increase visibility into threats by making security monitoring ubiquitous...
Comments (0)