NSS Labs Breach Detection Systems (BDS) Comparative Analysis Report


NSS Labs just released their Breach Detection Systems Report, found HERE. The report is based on the concept that there is a need for security solutions that extend beyond the defense measures found in common security products such as anti-virus and IPS network appliances. NSS Labs has coined the name “Breach Detection” for capabilities designed to stop advanced threats. It's pretty much technology you would implement as a last layer in the event a threat breaches your firewall, AV and network security defenses.


Federal News Radio Featuring The Cybersecurity Imperative

My buddy Aamir Lakhani joined a handful of security experts for a session on Federal News Radio. The radio show can be found HERE.


Post NAC: Cisco Identity Services Engine (ISE) and Lancope StealthWatch for Total Access Control

Controlling who and what accesses your network is a critical element of keeping your resources safe from malicious threats. Network Admission Control (NAC) solutions like the Cisco Identity Services Engine (ISE) can police who and what is permitted network access as well as enforce policy for those devices. Examples would be permitting an administrator with a government-furnished Windows 7 laptop access to VLAN 10, which holds internal servers, while provisioning a marketing professional’s iPad with VLAN 20 access, which is limited to Internet and email through the use of ACLs.


THE SOCIAL MEDIA DECEPTION PROJECT : How We Created Emily Williams To Compromise Our Target

Disclaimer: This post has been modified to exclude specific subjects not approved for public viewing



Emily Williams and Robin Sage

Emily Williams and Robin Sage don’t exist in the real world. They are fake social network accounts designed to obtain sensitive information. Robin Sage was created in late 2009 to obtain information from intelligence on US military personnel. Her story was presented at the Black Hat hacker conference, upsetting many people by exposing the type of sensitive data provided over social networks. Joey Muniz and Aamir Lakhani decided to go one step further and ask the hard question: “what else can happen outside of data being leaked over social networks?” We decided to find out using Emily Williams.


The Business Value Of NetFlow : Why Invest In NetFlow Technology?

There has been a rapid increase in demand for security solutions that can defend against Advanced Persistent Threats (APTs). Why? Because today, cyber criminals don’t use a specific attack to compromise targeted networks.


RSA NetWitness: An Anatomy Of An Attack

Here is a post from my friend Aamir Lakhani’s blog about RSA NetWitness. The original can be found at Cloud Centrics (http://www.cloudcentrics.com/). Really good post on NetWitness.

RSA NetWitness


RSA NetWitness is a unique solution that captures, stores and analyzes network data traffic. This gives you the ability to see exactly what comes in and goes out of the network in real time. In simple terms, RSA offers you a network CCTV. Not only that, NetWitness also allows you to see the traffic in action as it reconstructs the data that flows through the network into its original format according to its own type or application. This helps you strengthen your security measures by taking appropriate action. On top of that, since all traffic is captured and stored, you will be able to go back to a particular period of time and conduct historical data analysis. Nothing escapes undetected.


Defending Against Distributed Denial Of Services DDoS Attacks

If you are internet facing, you are vulnerable to Distributed Denial of Services, or DDoS, attacks. Attacking network services is on the rise as the price for computing power decreases and people become more dependent on technology. Studies from leading service providers show DDoS attacks have grown from 9 to 500 Gbps in the last five years. Botnets are becoming an underground commodity that can be rented for as low as 10 dollars an hour to launch strategic DDoS attacks. Governments are investing in military strategies based on the ability to interrupt enemy computer services through targeted DDoS attacks. These attacks are indeed a weapon of mass disruption.


Cyber Crime Is A Well Funded Enterprise. A Look At Who Is Hacking You

Some people believe the people behind Cyber Crime are disgruntled teenage hackers looking to cause chaos for fun. In some cases that may be true; however, the majority of Cyber Crime is performed by well-funded organized criminals. Yes, I’m talking about the godfather-like people who robbed banks and distributed narcotics on the street corner prior to the computer age. Organized crime realized it’s faster to automate an attack against millions of virtual targets rather than physically deal with criminal activity. Who is really behind Cyber Crime and how do they operate? Let’s take a look at a case study of popups to understand the Cyber Crime organization.
