Blog Posts Tagged with "Network Security Monitoring"

Shining LIGHTS on ICS Cybersecurity

March 11, 2012 Added by: Chris Blask

The LIGHTS program was created as a means of addressing security for the large number of small utilities operations. LIGHTS is a non-profit program run under Energysec that sets a consistent open-source-baseline approach to securing smaller critical industrial control facilities...

Redefining Security Intelligence with NOC and SOC

March 09, 2012 Added by: Rafal Los

Security dashboards are archaic, and often security teams have a half-dozen or more for visual confirmation on happenings. In well-run SOC organizations, a SIEM or new-school SIRM can provide context and close the real-time analysis gap, but this still isn't enough...

How FUD Defends Against APT

March 08, 2012 Added by: J. Oquendo

We placed computers in the environment of our critical infrastructure that are responsible for things like water, power, communications - but we never engineered security into the equation. We are looking at a magnificent attack in the next couple of months, even days or hours...

In Fifty Gigabytes, Turn Left: Data-Driven Security

March 08, 2012 Added by: Wendy Nather

If you break security events down, you're generally looking for two things: normal activities that are being done by the wrong people, or abnormal activities being done by the right people. And by people I also mean systems, but it's sometimes hard to tell the difference...

Out With the New, In With the Old: OS Security Revisited

March 06, 2012 Added by: Ian Tibble

Operating System Security is radically under-appreciated, and this has been the case since the big bang of security practices in the mid-90s. OS security, along with application security, is the front line in the battle against hackers, but this has not been widely realized...

Log Management: Debugging Security

February 18, 2012 Added by: Danny Lieberman

Logs are key to security management not only for understanding what and why an event happened but also in order to prove regulatory compliance. The business requirements are that security logs should be both relevant and effective...

The Dangers of Non-Contextual Pattern Matching

February 15, 2012 Added by: Rafal Los

Even a system inconsistency such as an abnormal page transition velocity on your flagship web application can be overlooked - until you put all those together and realize you're being SQL Injected and someone is stealing your multi-terabyte database out from under you...

GFI WebMonitor Internet and Web Security Review

February 09, 2012 Added by: Dan Dieterle

Looking for a program that monitors internet use, allows granular control over sites and services they can access, coupled with comprehensive web security and threat detection that includes scanning with three Anti-Virus engines? Look no further...

NETPeas COREvidence v1.0 Sneak Preview

February 02, 2012 Added by: Nabil Ouchn

COREvidence, a Software as a Service (SaaS) product, integrates multiple services to create a one-stop network security solution. Customers have immediate access to numerous technology leaders in vulnerability management, compliance achievement and monitoring...

What To Do About Insider Threats

November 14, 2011 Added by: PCI Guru

Insiders must have access to information that the general public or even your business partners do not. As a result, should an employee get sloppy with controls or go “rogue,” you can expect to lose whatever information that person had access to. Remember my mantra – security is not perfect...

Why Less Log Data is Better

October 05, 2011 Added by: Danny Lieberman

One of the crucial phases in estimating operational risk is data collection: understanding what threats, vulnerabilities you have and understanding not only what assets you have (digital, human, physical, reputational) but also how much they’re worth in dollars...

On Broken SIEM Deployments

August 02, 2011 Added by: Anton Chuvakin

In this post, I want to address one common #FAIL scenario: a SIEM that is failing because it was deployed with a goal of real-time security monitoring, all the while the company was nowhere near ready (not mature enough) to have any monitoring process and operations criteria for it...

Log Management at Zero Cost and One Hour per Week?

August 01, 2011 Added by: Anton Chuvakin

CAN one REALLY do a decent job with log management (including log review) if their budget is $0 AND their time budget is 1 hour/week? I got asked that when I was teaching my SANS SEC434 class a few months ago and the idea stuck in my head. The only plausible way that I came up with is...

What Does Verizon’s 2011 DBIR Mean to Your Enterprise?

July 24, 2011 Added by: Robb Reck

It’s not easy to go through every system in our environment and ensure that remote administration is turned off where it can be and closely monitored where it cannot, but it is simple; if you don’t know where the doors into your data are, you can’t defend them...

What is a Kernel Level Audit Trail?

July 11, 2011 Added by: Jamie Adams

Few people understand how audit records are generated or the difference between a kernel level audit trail and an application event log. It is critical to configure auditing and logging mechanisms to capture the right data to safeguard the data to prevent it from being modified...

Wizard-Driven Software Security Testing

July 06, 2011 Added by: Rafal Los

The technology available today for testing your applications is quite complex, but many folks simply want to push the "magic security button" and get fast, accurate results. That's simply impossible, but the requirements continue to demonstrate this want. So what do we do?
