What in the world are those two topics doing in the same post? Well, I’ve got a small roll-up for you. Here are two blog posts you should read. Both are short and relevant, exactly what most of us like!
The first is a post from my co-author Anton Chuvakin entitled “Log Management + SIEM = ?”, a post that lays out four scenarios where SIEM and LM can be combined as part of the technology deployment of a security strategy. This field is something that I’m enjoying watching grow, and in fact my new employer plays in the space. Log management and SIEM are both critical functions to any security environment. While mature installations may not be able to prevent a breach, you certainly can contain one and prevent another if you know about it (SIEM), and can go back in time to track where it came from (LM).
The second is from John Kindervag, a senior analyst at Forrester Research. In John’s recent post entitled “Hacking the Human Network”, he shows how easy (SCARILY easy) it is to hijack unsecured VoIP or video conferencing sessions (and mentions 30 Rock, which is one of the best comedies on TV right now). Granted, in this example we’re talking about hijacking an internal connection, which inherently will not be encrypted, but two key scenarios come to mind here.
- What if this same setup was used for a roaming employee or a home office user, and encryption was NOT performed over the link?
- What if the CEO was using this technology to talk to key employees about pending financial moves that would certainly impact the stock price?
I’ll also throw my emphasis on endpoints here and add that VoIP phones are nothing more than computers with a smaller keyboard. That means that they can be vulnerable to the same stack smashing things that plague our PCs. It’s important to secure all ends of this one, kids.
Go check out these awesome posts!