The keynote speaker of Troopers15 has an interesting presentation (on youtube now ) https://www.blackhat.com/eu-15/briefings.html https://www.youtube.com/watch?v=rarpym8JJXQ Some of the good quotes: Doing something better must be better than doing nothing? “Wrong. Paddling hard in the wrong direction doesn’t help just because you want it to” “You must never confuse faith that you will prevail in the end—which you can … Read more
Let’s say you have not replaced your firewall or thought about it much for some time. Is it time to replace it? There are ‘new’ firewalls called Next Generation firewalls (NGFW for short) because we like our acronyms. First we have to assess risk and decide if this is a good usage of resources (maybe … Read more
Gartner has a report on the Critical capabilities of Security Information and Event Management(SIEM) software by 13 companies. Each company was analyzed on several characteristics AccelOps, AlienVault, BlackStratus, EMC, EventTracker, HP (ArcSight), IBM Security QRadar, Intel Security, LogRythm, Micro Focus International (NetIQ), SolarWinds, Splunk, and Trustwave Holdings Characteristics that were measured: Real-time monitoring, threat intelligence, … Read more
Rich Mogull at Scurosis Blog (#13 at http://oversitesentry.com/security-news-reviewed/) has the latest post https://securosis.com/blog/hybrid-clouds-an-ugly-reality The problem? A Hybrid cloud is by definition part cloud and part local systems. One can easily imagine administration problems as files and data have to bridge both environments. The disadvantage is the loss of compartmentalization, i.e. the ability to say the cloud … Read more
There is an interesting running discussion at reddit.com/netsec Started by Brian Krebs (the #2 site in Security News Analyzed) The question was ‘Why do you think organizations seem to prefer “learning these lessons the hard way”?’ And here is Brian’s answer { But in the end I think it comes down to a lack of … Read more