Blog Posts Tagged with "Monitoring"


Feds Want Supreme Court to Allow Warrantless GPS Tracking

April 20, 2011 Added by:Headlines

The court of appeals’ decision seriously impedes the government’s use of GPS devices at the beginning of an investigation when officers are gathering evidence to establish probable cause and provides no guidance on the circumstances under which officers must obtain a warrant...

Comments  (0)


Open Source Log Management Tools List

April 08, 2011 Added by:Anton Chuvakin

This page lists a few popular free open-source log management and log analysis tools. The log cheat sheet presents a checklist for reviewing critical system, network and security logs when responding to a security incident. It can also be used for routine periodic log review...

Comments  (0)


When Security Requirements Conflict

April 06, 2011 Added by:Robb Reck

Next time an information security expert tells you that a system is secure ask him, “What kind of secure?” We know that choices are always made and vulnerabilities always left unmitigated. Knowing which ones to address and which to accept is what makes a security program effective...

Comments  (0)


Effective FCPA Risk Assessments

April 01, 2011 Added by:Thomas Fox

Insufficient strategies include: an FCPA compliance policy that is disseminated broadly but has shallow preventative measures; monitoring efforts which review samples from artificially inflated universes; expanding the FCPA audience, yet diluting the compliance solution...

Comments  (0)


The Biggest Shortcomings of ISO 27001

March 28, 2011 Added by:Dejan Kosutic

This standard will certainly need to change - the current version of is now six years old, and hopefully the next revision will address most of these issues. Although these shortcomings can often cause confusion, I think that the positives of the standard outweigh the negative in large measure...

Comments  (0)


Phase II: Implementing File Integrity Management (FIM)

March 23, 2011 Added by:Ron Lepofsky

File scans are stored as a hashed value, a one way encryption technique that is used for verifying other data too important to be stored in the clear. The hash value of a rescanned file is compared with the hash value of the initial scan and if a difference appears, then a change was made...

Comments  (0)


Complete PCI DSS Log Review Procedures Part 16

February 28, 2011 Added by:Anton Chuvakin

Validation activities can be used to report the success of a log management program, processes and procedures to senior management. The data accumulated is proof of organization-wide PCI DSS compliance and can be used for management reporting. Specifically, the following are useful reports...

Comments  (0)


Using Ninja to Monitor And Kill Rogue Privilege Escalation

February 22, 2011 Added by:Rod MacPherson

Once a hacker (if they have malicious intent we'll call them crackers) has found a way onto a system s/he then usually needs to jump to the Administrator or system or root account. Ninja is a program for Linux (and presumably most Unix like OSes) that monitors for such privilege escalation...

Comments  (4)


Multi-State Cybersecurity Information Analysis Center

February 16, 2011 Added by:Dan Dieterle

"The Multi-State Information Sharing and Analysis Center (MS-ISAC) is a collaborative state and local government-focused cyber security entity that is significantly enhancing cyber threat prevention, protection, and response and recovery throughout the states of our nation..."

Comments  (4)


DoD Proposes Database to Monitor Network Traffic

February 07, 2011 Added by:Headlines

The Department of Defense is considering options to create a computer network monitoring database in an effort to better identify and respond to cyber threats. The main benefit of the shared information database would be to allow the government to respond to cyber threats in a more unified manner...

Comments  (0)


Complete PCI DSS Log Review Procedures Part 13

February 04, 2011 Added by:Anton Chuvakin

How do you create a logbook that proves that you are reviewing logs and following up with exception analysis, as prescribed by PCI DSS Requirement 10? The logbook is used to document everything related to analyzing and investigating the exceptions flagged during daily review...

Comments  (0)


Complete PCI DSS Log Review Procedures Part 12

January 28, 2011 Added by:Anton Chuvakin

We have several major pieces that we need to prove for PCI DSS compliance validation. Here is the master-list of all compliance proof we will assemble. Unlike other sections, here we will cover proof of logging and not just proof of log review since the latter is so dependent on the former...

Comments  (0)


Complete PCI DSS Log Review Procedures Part 11

January 23, 2011 Added by:Anton Chuvakin

The main idea of this procedure it to identify and then interview the correct people who might have knowledge about the events taking place on the application then to identify its impact and the required actions, if any...

Comments  (0)


Complete PCI DSS Log Review Procedures Part 10

January 17, 2011 Added by:Anton Chuvakin

A message not fitting the profile is flagged “an exception.” It is important to note that an exception is not the same as a security incident, but it might be an early indication that one is taking place. At this stage we have a log message that is outside of routine/normal operation...

Comments  (0)


Complete PCI DSS Log Review Procedures Part 9

January 14, 2011 Added by:Anton Chuvakin

The first method considers log types not observed before and can be done manually as well as with tools. Despite its simplicity, it is extremely effective with many types of logs: simply noticing that a new log message type is produced is typically very insightful for security, compliance and operations...

Comments  (0)


Is Truly Anonymous Web Browsing Even Possible?

January 13, 2011 Added by:Rafal Los

On one end of the argument you must concede that in order to have an acceptable user experience you must be tracked to some acceptable extent, while the other end of the argument would say that we don't want web sites, vendors and nation-states/organizations tracking us and our browsing habits...

Comments  (3)

Page « < 3 - 4 - 5 - 6 - 7 > »