My buddy and coauthor Aamir Lakhani and I are very proud to present our second book … “Penetration Testing With Raspberry Pi“. This book can be found on Packt’s website HERE and should start being seen on most online stores such as Amazon, Barns and Noble the next few days. Continue reading
I have received the question “why should I migrate from NAC appliance to Identity Services Engine (ISE)?” a handful of times. This post will provide some reasons why you should consider migrating over. Regarding how to migrate and what discounts you could receive by migrating, see this post that covers these questions HERE.
Lets start off by looking at Cisco NAC and ISE. Continue reading
The people at howtogeek.com wrote a pretty funny yet sad post about research they performed. The concept is they went to download.com and downloaded the top 10 most popular downloads onto a virtual windows system to see what would happen (they skipped a few Anti Viruses since it doesn’t make sense to install more than one but outside of that went through the list). As shown in the previous screenshot, most of the software was laced with malware pretty much killing the functionality of their test system. The ironic thing is download.com has disclaimers on their website stating they don’t post software with malware, trojans or malicious adware before during or after the installation of software being shared (shown later in the post). According to the results from the howtogeek team, this is obviously not the case. I guess those old sayings are right about nothing is free and if its too good to be true … it probably is. Continue reading
I see a lot of hesitation from administrators when having a conversation about cloud based security. People seem to be uneasy with the idea of having anything security related managed outside of their company walls. Some administrators express concerns that there is a potential weakness opening up a connection from their inside network to the cloud (even though it is encrypted) while others feel uneasy about having people outside their staff accessing equipment for maintenance or other purposes. I’ve also had the question “what happens if a client sharing a security device in the cloud gets compromised? Will that impact our business”? (I’ve never heard of this happening and there are hundreds of cloud offerings available today). These are just a few concerns that gives cloud based security a bad reputation before it is evaluated for its true potential.
Cloud Security should be looked at as a method of outsourcing security. Why would you want to do this? There are many benefits and for some situations such as locations spread across the world, cloud is the only feasible answer. Here are some of the top benefits of going cloud based security. Continue reading
The Computer Science department at Florida State University is offering free computer security class lectures. You can find the entire CIS4930 and CIS5930 courses online HERE. These are the Spring 2014 classes so the content is pretty current. There are 26 lessons ranging from lock picking to launching attacks with Metasploit. Videos include lecture slides to download. Continue reading
Cisco acquired the leader for identifying day zero threats ThreatGRID around may of 2014. ThreatGRID’s statement “The First Unified Malware Analysis and Threat Intelligence Solution” sounds like a mouthful however represents its purpose of going beyond what most “sandbox” technologies accomplish in this market space. What is also interesting is this technology is being moved into other Cisco security offerings now that they are part of Cisco’s breach detection strategy. Continue reading
Cisco just released the latest version of ISE aka Identity Services Engine version 1.3 on Oct 31st. ISE is Cisco’s flagship access control technology (more on ISE found HERE and how to build a Lab found HERE). In summary, ISE can tell you who and what is on the network, provision the proper access and even remediate devices that are out of expected security posture. You can find the formal release notes for ISE 1.3 HERE.
ISE 1.3’s main new features revolve around providing enhanced guest services such as simplifying the process to on-board new mobile devices. There are other improvements I’ll cover in this post as well. Lets take a look at the new 1.3 version of ISE. Continue reading
Cisco announced the End-of-Sale date for their traditional Intrusion Detection and Prevention product line. You can find a link to the announcement HERE, which includes a list of affected products. Here is the formal announcement as well as suggested replacement technology.
The formal announcement states
“Cisco announces the end-of-sale and end-of life dates for the Cisco Intrusion Prevention System. The last day to order the affected product(s) is April 26, 2015. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table 1 of the EoL bulletin. Table 1 describes the end-of-life milestones, definitions, and dates for the affected product(s). Table 2 lists the product part numbers affected by this announcement. For customers with active and paid service and support contracts, support will be available under the terms and conditions of customers’ service contract.” Continue reading