Blog Posts Tagged with "Intrusion Detection"
January 13, 2013 Added by:Larry Karisny
We start with one big problem. Internet architecture was never made for security. One of my earliest articles quoted the father of the Internet Vint Cerf by saying, "One of things incumbent on all of us is to introduce strong authentication into the fabric of the smart grid. We did not do that with the Internet."
January 04, 2013 Added by:Larry Karisny
Current IDS solutions have high instances of false positives and true negatives and are extremely costly to maintain. Current IDS solutions were not designed for today's hyper connected business processes with high volume of instances. Attempting to detect misuse or anomalous behaviors requires infinite numbers of rules, patterns or algorithms, which is not possible, and is therefore the cause of ...
November 13, 2012 Added by:Tripwire Inc
We need to evolve our security capabilities to a point where both the detection and the countermeasures can be automated and automatic. That is the only way we’ll get fast enough to prevent or at least significantly limi) the damage from unexpected attacks. The problem? We don’t tend to trust automation...
September 23, 2012 Added by:Larry Karisny
So what if we could create an anomaly algorithm that could audit, detect and approve positive input events in business processes. And if we could do this then wouldn’t risk management and security actually just be a byproduct of allowing these positive business events to occur?
September 22, 2012 Added by:Brent Huston
Emphasize that there are security measures that are effective in zero day situations. These include such controls as anomaly based detection mechanisms, system user security training, and incident response programs. If you can detect these attacks early and respond to them correctly...
September 19, 2012 Added by:Michael Ligh
Explore undocumented windows kernel data structures related to window station objects and the clipboard. Detect clipboard-snooping malware using Volatility - an advanced memory forensics framework...
September 18, 2012 Added by:Jayson Wylie
This book details topics and features to help analyze traffic issues and identify potential problematic points to improve performance and verify the valid flow of common network communications that can help differentiate the good traffic from the bad...
September 16, 2012 Added by:Brent Huston
Utilities have been computerizing their SCADA systems for years now. This has allowed them to save money, time and manpower and has increased their situational awareness and control flexibility. However, industrial control systems are usually not very robust and also very ‘dumb...
September 13, 2012 Added by:Javvad Malik
You’re the new guy in the security ops team, they’re giving you a very crucial and important job… Monitoring. You’ll be told how it is essential to be done correctly. But you notice that nobody really shows any interest in doing it. There’s are two reasons for this...
September 12, 2012 Added by:Randall Frietzsche
If we are charged with designing, architecting, implementing, deploying, integrating, training and supporting security technology, processes and policies within our organization, we might discover that this work is really an art more than a science...
September 12, 2012 Added by:Mike Gault
The security market in 2012 is estimated at $60 billion, yet adding more layers of perimeter security may be completely useless against a determined sysadmin working on the inside. The end result is that your data might or might not be secure – you simply have no way to prove it...
September 05, 2012 Added by:Tripwire Inc
Alex uncovered a poorly designed web page and convinced it to give up its secrets. What followed was a quick RDP war trying to plant our backdoor. I found myself with root level access having blasted away at it using Metasploit and uncovered several Easter eggs instructors had planted...
September 04, 2012 Added by:Richard Stiennon
Beaconing detection is a feature in the fastest growing security solutions in the market. I am tracking most of these vendors at 100% annual growth rates, a sure sign of a trend. Intelligent packet capture is a must-have technology in every cyber defense armament...
September 04, 2012 Added by:Johannes Ullrich, Ph.D.
Host-based intrusion detection has seen some significant advances and it has come to encompass a lot more than what we currently understand as "anti-virus" or "anti-malware". All too often we still mirror network-based intrusion detection and are looking for signatures of "badness"...
August 27, 2012 Added by:InfoSec Institute
Ghost is a honeypot for detecting malware that spreads via USB devices. It first tries to emulate a USB thumb drive. If the malware identifies it as a USB thumb drive, it will trick the malware into infecting it. Ghost then looks for write based requests on the drive, which is an indication of a malware...
August 19, 2012 Added by:Richard Stiennon
The attackers are going to breach your network to get what they want. The question is: how fast can you discover an intrusion, figure out what the attacker is after, stop the attack, clean up – and prepare for their return? After all, motivated attackers will be back...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013