Blog Posts Tagged with "Network Security Monitoring"


Shining LIGHTS on ICS Cybersecurity

March 11, 2012 Added by:Chris Blask

The LIGHTS program was created as a means of addressing security for the large number of small utilities operations. LIGHTS is a non-profit program run under Energysec that sets a consistent open-source-baseline approach to securing smaller critical industrial control facilities...

Comments  (0)


Redefining Security Intelligence with NOC and SOC

March 09, 2012 Added by:Rafal Los

Security dashboards are archaic, and often security teams have a half-dozen or more for visual confirmation on happenings. In well-run SOC organizations, a SEIM or new-school SIRM can provide context and close the real-time analysis gap, but this still isn't enough...

Comments  (0)


How FUD Defends Against APT

March 08, 2012 Added by:J. Oquendo

We placed computers in the environment of our critical infrastructure that are responsible for the things like water, power, communications - but we never engineered security into the equation. We are looking at a magnificent attack in the next couple of months, even days or hours...

Comments  (1)


In Fifty Gigabytes, Turn Left: Data-Driven Security

March 08, 2012 Added by:Wendy Nather

If you break security events down, you're generally looking for two things: normal activities that are being done by the wrong people, or abnormal activities being done by the right people. And by people I also mean systems, but it's sometimes hard to tell the difference...

Comments  (0)


Out With the New, In With the Old: OS Security Revisited

March 06, 2012 Added by:Ian Tibble

Operating System Security is radically under-appreciated, and this has been the case since the big bang of security practices in the mid-90s. OS security, along with application security, is the front line in the battle against hackers, but this has not been widely realized...

Comments  (0)


Log Management: Debugging Security

February 18, 2012 Added by:Danny Lieberman

Logs are key to security management not only for understanding what and why an event happened but also in order to prove regulatory compliance. The business requirements are that security logs should be both relevant and effective...

Comments  (0)


The Dangers of Non-Contextual Pattern Matching

February 15, 2012 Added by:Rafal Los

Even a system inconsistency such as an abnormal page transition velocity on your flagship web application can be overlooked - until you put all those together and realize you're being SQL Injected and someone is stealing your multi-terabyte database out from under you...

Comments  (0)


GFI WebMonitor Internet and Web Security Review

February 09, 2012 Added by:Dan Dieterle

Looking for a program that monitors internet use, allows granular control over sites and services they can access, coupled with comprehensive web security and threat detection that includes scanning with three Anti-Virus engines? Look no further...

Comments  (0)


NETPeas COREvidence v1.0 Sneak Preview

February 02, 2012 Added by:Nabil Ouchn

COREvidence, a Software as a Service (SaaS) product, integrates multiple services to create a one-stop network security solution. Customers have immediate access to numerous technology leaders in vulnerability management, compliance achievement and monitoring...

Comments  (0)


What To Do About Insider Threats

November 14, 2011 Added by:PCI Guru

Insiders must have access to information that the general public or even you business partners do not. As a result, should an employee get sloppy with controls or go “rogue,” you can expect to lose whatever information that person had access. Remember my mantra – security is not perfect...

Comments  (0)


Why Less Log Data is Better

October 05, 2011 Added by:Danny Lieberman

One of the crucial phases in estimating operational risk is data collection: understanding what threats, vulnerabilities you have and understanding not only what assets you have (digital, human, physical, reputational) but also how much they’re worth in dollars...

Comments  (1)


On Broken SIEM Deployments

August 02, 2011 Added by:Anton Chuvakin

In this post, I want to address one common #FAIL scenario: a SIEM that is failing because it was deployed with a goal of real-time security monitoring, all the while the company was nowhere near ready (not mature enough) to have any monitoring process and operations criteria for it...

Comments  (0)


Log Management at Zero Cost and One Hour per Week?

August 01, 2011 Added by:Anton Chuvakin

CAN one REALLY do a decent job with log management (including log review) if their budget is $0 AND their time budget is 1 hour/week? I got asked that when I was teaching my SANS SEC434 class a few months ago and the idea stuck in my head. The only plausible way that I came up with is...

Comments  (3)


What Does Verizon’s 2011 DBIR Mean to Your Enterprise?

July 24, 2011 Added by:Robb Reck

It’s not easy to go through every system in our environment and ensure that remote administration is turned off where it can be and closely monitored where it cannot, but it is simple; if you don’t know where the doors into your data are, you can’t defend them...

Comments  (3)


What is a Kernel Level Audit Trail?

July 11, 2011 Added by:Jamie Adams

Few people understand how audit records are generated or the difference between a kernel level audit trail and an application event log. It is critical to configure auditing and logging mechanisms to capture the right data to safeguard the data to prevent it from being modified...

Comments  (0)


Wizard-Driven Software Security Testing

July 06, 2011 Added by:Rafal Los

The technology available today for testing your applications is quite complex, but many folks simply want to push the "magic security button" and get fast, accurate results. That's simply impossible, but the requirements continue to demonstrate this want. So what do we do?

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »