Blog Posts Tagged with "Systems"

C787d4daae33f0e155e00c614f07b0ee

Spring Cleaning for Your Security Toolbox

July 08, 2012 Added by:Robb Reck

Give each system and process a priority rating. The ones with the highest rating get the training, money and man-power assigned to master, maintain and run them. The ones with lower ratings get a project plan set up for decommissioning. As in most things in life, true excellence is in quality, not quantity...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Resilient Enterprise: Taming Chaos with Automation

June 20, 2012 Added by:Rafal Los

Whatever the incident or failure, the system can detect and respond in an automated fashion as long as its within the realm of known things. When things fail or break in a new way that has never been seen before, the system will take corrective action to restore service to the best of its ability...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Stability is Bad for Your Business

June 19, 2012 Added by:Rafal Los

In really re-evaluating what my whole push behind enterprise resiliency is all about - I've come to realize that the stability / resiliency tradeoff is actually quite intuitive, it's just that not many of us were taught to think this way. What we're really saying is that stability is bad...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

CISSP Reloaded Domain 5: Security Architecture and Models

April 09, 2012 Added by:Javvad Malik

This domain has a good title and there is probably a lot one can talk about. There are not enough competent security architects on the market. Sure you can get a lot of penetration testers of or risk and compliance type people. But good architects are hard to come by...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Why a Data Flow Map Will Make Your Life Easier

October 23, 2011 Added by:Brent Huston

It’s impossible to protect everything in your environment if you don’t know what’s there. All system components and their dependencies need to be identified. This isn’t a mere inventory listing. Adding the dependencies and trust relationships is where the effort pays off...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Today is Annual System Administrator Appreciation Day

July 29, 2011 Added by:Headlines

While we enjoy the opportunity to go home from the office at the end of the work day, SysAdmins are still on the job fighting off unauthorized access attempts, protecting our sensitive data, and working hard to improve network performance...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Stroke Development Versus Not Drowning

July 28, 2011 Added by:Rafal Los

Sony, Fox/Murdoch, et al, are all being harried by vulnerabilities left open in the backwaters of their infrastructure, not by bruteforce through the main gates. What little surprises might one find by using this time for review and planning?

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Focusing on Success or Failure in IT and Infosec

June 01, 2011 Added by:Robb Reck

Information security works differently than IT. Rather than focusing on how to build a system that can meet a requirement, the security-minded will focus on how to build a system that cannot do anything but meet a requirement. The difference is subtle, but critically important...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Dumping Hashes on Win2k8 R2 x64 with Metasploit

June 01, 2011 Added by:Rob Fuller

When trying to dump password hashes on a Windows 2008 R2 64 bit box I constantly run into the "The parameter is incorrect" error in Meterpreter. Well, with a bit of migration you'll be back to passing the hash. Here is how, with a bit of the thought process first...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Architecting Secure Information Systems

May 04, 2011 Added by:Robb Reck

Creating secure systems from the ground up requires different skills than buying and bolting on technologies to implement security after the fact. You have the chance to build this new system with a strong foundation. Do not miss your chance to show how security should be addressed...

Comments  (0)

634ff692af43fd4dc5dab3b8590c77d6

Parallelized Data Mining Security

April 12, 2011 Added by:K S Abhiraj

Problems with protecting hosts from malicious code are understood. The problem posed by malicious hosts to entities and the environment is more complex. Since an entity is under the control of the executing host, the host can in principle do anything to the event and its code...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Stuxnet Prompts Call for SCADA Security Standards Review

March 11, 2011 Added by:Headlines

"Stuxnet really didn't change anything. The vulnerabilities have all been there for awhile. Most SCADA networks are pretty wide open and are susceptible to attacks. Stuxnet did, however, open our eyes to what is possible now..."

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Implementing Complex Systems for Testing Application Logic

March 07, 2011 Added by:Rafal Los

Creating a system or a testing framework which can appropriately enable a previously entirely manual process is tricky - and while fully automating the finding of logic flaws may still be beyond our reach the research and ideas presented herein are steps forward to that direction...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Point-of-Sale Systems are Easy Target for Hackers

March 06, 2011 Added by:Dan Dieterle

Online systems are slowly becoming better at protecting data, mostly because they have been under constant attack for a long time. Hackers are very opportunistic, and cyber crime has become big business. Speed counts, and if it is faster just to target the POS system, you better believe they will...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Securing Critical Infrastructure at a Snail's Pace

February 11, 2011 Added by:Headlines

"We can continue to pursue outdated strategies and spend our time describing the problem until there is some crisis. Then it is likely that the United States will act, in haste, possibly with unfortunate consequences. Alternatively, we can take action on measurably effective policies...."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NASDAQ Issues Statement on Security Breach

February 09, 2011 Added by:Headlines

"We detected suspicious files on the U.S. servers unrelated to our trading systems and determined that our web facing application Directors Desk was potentially affected. We immediately conducted an investigation, which included outside forensic firms and U.S. federal law enforcement..."

Comments  (0)

Page « < 1 - 2 > »
Most Liked