Let’s say you have not replaced your firewall or thought about it much for some time. Is it time to replace it? There are ‘new’ firewalls called Next Generation firewalls (NGFW for short) because we like our acronyms. First we have to assess risk and decide if this is a good usage of resources (maybe … Read more
Gartner has a report on the Critical capabilities of Security Information and Event Management(SIEM) software by 13 companies. Each company was analyzed on several characteristics AccelOps, AlienVault, BlackStratus, EMC, EventTracker, HP (ArcSight), IBM Security QRadar, Intel Security, LogRythm, Micro Focus International (NetIQ), SolarWinds, Splunk, and Trustwave Holdings Characteristics that were measured: Real-time monitoring, threat intelligence, … Read more
Rich Mogull at Scurosis Blog (#13 at http://oversitesentry.com/security-news-reviewed/) has the latest post https://securosis.com/blog/hybrid-clouds-an-ugly-reality The problem? A Hybrid cloud is by definition part cloud and part local systems. One can easily imagine administration problems as files and data have to bridge both environments. The disadvantage is the loss of compartmentalization, i.e. the ability to say the cloud … Read more
There is an interesting running discussion at reddit.com/netsec Started by Brian Krebs (the #2 site in Security News Analyzed) The question was ‘Why do you think organizations seem to prefer “learning these lessons the hard way”?’ And here is Brian’s answer { But in the end I think it comes down to a lack of … Read more
https://isc.sans.edu/ has a good post on how to do some rudimentary searches… Specifically https://isc.sans.edu/forums/diary/Botnets+spreading+Dridex+still+active/20295/ is the post. The image above is the same image from isc.sans.edu today post, notice how Brad Duncan searched for the Dridex malware with the hash mark, so if there is a suspected malware you are interested in researching that is a great … Read more
