Blog Posts Tagged with "Monitoring"


Incident Response and Risk Management Go Hand in Hand

February 12, 2012 Added by:Neira Jones

Residual risk is inevitable, so incident response becomes a crucial part of managing it. As the risk assessment identifies the assets critical to a business - threats, vulnerabilities and controls - so should the incident response plan concentrate on critical assets...

Comments  (2)


Who Will Watch the Watchers?

February 05, 2012 Added by:John Linkous

We have entered a new era of cybersecurity, one where the objective is not to protect against a breach - the majority of large organizations are no longer able to - instead we need to be able to detect them and mitigate the damage done by them...

Comments  (0)


Managing Employee's Expectation of Privacy

February 02, 2012 Added by:Suzanne Widup

FDA whistleblowers allege their emails were monitored once they told Congress the agency was approving risky medical devices, violating their Constitutional rights. The FDA said that employees are warned they may be monitored, and should not have an expectation of privacy...

Comments  (1)


Legal Implications of Social Networking Part 3: Data Security

January 31, 2012 Added by:David Navetta

Technology exists for monitoring and tracking of social media usage by employees. Ultimately however, like social media itself, it comes down to people - risk can only be addressed appropriately if the individuals using social media are equipped to identify and mitigate against it...

Comments  (0)


NIST Draft Guidance for Monitoring IT System Security

January 26, 2012 Added by:Headlines

Three new draft reports published by the NIST are designed to help both public and private organizations improve the security of their information management systems by developing capabilities for continuous monitoring of security...

Comments  (0)


VoIP: The Danger of Open Ports

January 25, 2012 Added by:Simon Heron

The Sipera UC-Sec 100 device is designed to withstand such attacks but many IP-PBX’s are not. If these attacks had been launched against an undefended and vulnerable system, it would have been possible for the hacker to register as an authorized user of the system...

Comments  (0)


Snort and SCADA Protocol Checks

January 25, 2012 Added by:Brent Huston

There are a wide variety of open source tools that can be leveraged around Snort, making it a powerful approach to visibility. Having people in the industry who know how the systems Snort work allows for better development of signatures for nefarious issues...

Comments  (0)


Concerns About the New AOL Instant Messenger

January 25, 2012 Added by:Electronic Frontier Foundation

The new preview version of AOL Instant Messenger raised concerns for us when it was first introduced, first because it started storing more logs of communications and second, because it apparently scanned all private IMs for URLs and pre-fetched any URLs found in them...

Comments  (0)


E-Meme: The Next Generation of Thought Crime Detection?

January 25, 2012 Added by:Infosec Island Admin

An Orwellian software development project that the Navy has invested in called “E-MEME” will be able to sift through the internet for ideas and meme’s to analyze them for predictive behavior assessment. Predictive behavioral analysis via meme’s... Whatever could go wrong?

Comments  (6)


Mandatory Data Retention, Smart Meter Hacks and Silent SMS

January 23, 2012 Added by:Electronic Frontier Foundation

Silent SMS delivers a text message without the user being aware, but leads to the creation of a log with the cell phone company that reveals what cell phone towers the phone was closest to, revealing the phone’s location to help with tracking...

Comments  (1)


Popular Dedicated Linux Distributions and Tools

January 17, 2012 Added by:Bill Gerneglia

There are Linux distributions dedicated to multimedia editing, monitoring, security testing, and basic system administration. Here are some specialized open source Linux distributions that can be used by the IT admins to perform their job with some free sophisticated tools...

Comments  (1)


Effective SIEM: Less Turtle - More Awareness

January 12, 2012 Added by:John Linkous

SIEM tools are highly focused on events. Even in cases where a SIEM can look outside of the world of events at one or two other pieces of data - say, at network traffic - that’s still woefully inadequate. We certainly need events and network traffic data...

Comments  (0)


Rim, Nokia and Apple Providing Government Back Doors

January 09, 2012 Added by:Plagiarist Paganini

Some Indian Military internal documents were found that refer to a surveillance project called RINOA SUR, which stands for RIM, Nokia and Apple. The project is related to a platform used to spy on the USCC - the US-China Economic and Security Review Commission...

Comments  (9)


FTC Takes on Super Cookies

December 06, 2011 Added by:David Navetta

The FTC is an increasingly nimble enforcer, with ever shorter news story-to-enforcement action cycles. This approach is consistent with the FTC's stated commitment to take enforcement actions in the areas where the agency believes there is significant non-compliance...

Comments  (0)


Controls Have to be Executed Perfectly Every Day

December 04, 2011 Added by:PCI Guru

Security is not perfect, and controls have to be executed perfectly every day, every year - else that is where things always go awry. If you execute controls consistently, your organization should be very difficult to compromise and the bad guys will find an easier target...

Comments  (0)


ACL Complexity and Unknown Vulnerabilities

November 21, 2011 Added by:Brett Scott

If the only way to tell if the ACLs are properly configured is to use another detection mechanism that is capable of identifying improper traffic and nobody had anything like that on their networks, then how many networks are completely vulnerable and do not know it?

Comments  (1)

Page « < 2 - 3 - 4 - 5 - 6 > »