Videos Tagged with "Network Security"
On Proper System Hardening
May 16, 2012
When a system or device has been properly hardened, all unnecessary bells and whistles are turned off, disabled, or simply ripped out, leaving only the bare minimum needed to run the service. This creates a much smaller surface area to attack...
Comments (0)
LIGHTS: Addressing Cybersecurity for Smaller Facilities
April 27, 2012
Watch the roundtable launch of the LIGHTS program from April 24. LIGHTS Chair Chris Blask opens with a presentation on major issues facing industrial facilities, then is joined by Energysec's Steve Parker, Joel Langill a.k.a. SCADAHacker, and AWWA's Kevin Morley and Gary Sturdavan...
Comments (1)
Using Interface Devices for Network Penetration Testing
April 26, 2012
Javvad Malik caught up with Nikhil Mittal at Black Hat Europe 2012 to talk about some human interface technology and their use in network penetration testing. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
The Future of Network Security, SSL, and Certificate Authorities
April 25, 2012
Infosec Island's Javvad Malik caught up with Tom Ritter at Black Hat Europe 2012 to discuss the future of network security, SSL, Certificate Authorities and all kinds of security goodness. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
Javvad Malik Interviews Don Bailey at Black Hat EU 2012
April 24, 2012
Javvad Malik caught up with Don Bailey at Black Hat Europe 2012 to hear about machine to machine technology and the security challenges it brings. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
Javvad Malik on Hacking Tools and Ethics
April 20, 2012
Joshua Corman wrote a post in which he raises some valid points about tools like Metasploit. Naturally, the purpose such tools is to aid a security tester in finding vulnerabilities. However you cannot dictate if someone will use this for attack or defensive purposes...
Comments (0)
Video: FBI's Top Cyber Official Discusses Threats
March 30, 2012
"Those early attacks were much more intermittent. We are seeing literally thousands of attacks a day. The ones people hear about are often because victims are coming forward. And there are more substantial attacks that people don’t ever see or hear about..."
Comments (0)
Javvad Malik on Infosec Mistakes
March 23, 2012
We all learn from our mistakes. Tripwire compiled the 25 mistakes infosec people make and I’m adding my own. You can see great examples such as “Yes, a UFO is an unidentified flying object, but it’s probably an alien” and “Is there an award for having the most passwords?”
Comments (0)
BSidesSF: AlienVault CTO Roger Thornton on Network Visibility
March 01, 2012
Roger Thornton, CTO at AlienVault, discusses the need for organizations to reduce the overall cost of network security visibility. He believes that technology is not the problem, but instead it is the time, money and staff needed for effective and meaningful visibility...
Comments (0)
BSidesSF: Dominique Karg on the AlienVault Open Source Model
February 29, 2012
Dominique Karg, Co-Founder and Chief Hacking Officer for AlienVault, took some time to discuss the many myths around open source architecture, the inherent benefits and problems, and why AlienVault ultimately decided to go with the open source model...
Comments (0)
BSidesSF: Dr. Mike Lloyd on Measuring Security Effectiveness
February 28, 2012
In his thought-provoking presentation at Security BSides SFO, Dr. Mike Lloyd - CTO at RedSeal Networks described methods for building an enterprise security metrics program that’s completely different from the current model of counting vulnerabilities or patches applied...
Comments (1)
BSidesSF: Amol Sarwate on SCADA Security Challenges
February 28, 2012
Amol Sarwate examined how SCADA security and advance persistent threats have now taken center stage. While the industry has some success in dealing with IT security, when it comes to industrial control systems or SCADA systems, it still has enormous challenges...
Comments (0)
On Forgotten Passwords and Security
February 03, 2012
What do you do when a user forgets their password? There are a number of different approaches that can be taken. The challenge when allowing a user to self-service is that you could potentially open up a number of avenues for attack...
Comments (0)
Security Onion Intrusion Detection System Setup Tutorial
January 25, 2012
Run this on a system that has two network cards and you have a complete NSM/IDS. One NIC connects to your network or internet side of your traffic and monitors every packet, the second NIC connects to your LAN side and can be used to remotely view and monitor intrusion attempts...
Comments (2)
Do Not Encrypt Passwords - Why, You Ask?
January 13, 2012
Encrypting passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper...
Comments (2)
On Input Validation
December 29, 2011
Input validation is a good security principle based on your application looking at what’s being asked of it and deal in a secure manner. It’s not always fool proof, but goes a long way...
Comments (0)
- Metasploitable: Gaining Root on a Vulnerable Linux System
- ICS-CERT: From the Trenches - A Tabletop Exercise
- Why Does Software Security Keep Falling off your Budget?
- Former DHS Director Sean Paul McGurk Joins ICS ISAC
- CISO 2.0: Enterprise Umpire or Wide Receiver?
- Dutch Military Intelligence Dives into Cyber
- Facebook "Like" Button = Privacy Violation + Security Risk
- Twitter Commits to Respecting Do Not Track with New Policy
- Hard Power, Soft Power, and the Power of Digital Espionage
- US vs. China: Is the Cyber Warfare Gap Increasing?