Branden R. Williams, Business Security Specialist

We Must Hunt standard

Security people are often viewed as gatherers. We gather security event data, collect logs for review, build documentation based on information about our environment, and group informational assets in like-valued groups to focus our defenses. I think we’ve got the gathering part down. It’s similar to our propensity to react. We may not be great at reacting (or more likely, we’re great at reacting at only a few things), but we get plenty of exposure to it. You cannot be a successful security professional by only being a gatherer, and your team won’t be successful if you only hire and employ gatherers. Just like most societal norms that evolved over thousands of years, you need hunters to fill a need ...

Contextual Deep Content Inspection for Security standard

It’s 2012 (didn’t I already say that on Wednesday?) and the reality of 2011’s shifting security landscape should have set in by now. As much as many of you may want to go back to the days of worrying about Anti-Virus definition files, basic patching, and a single border firewall as the makeup of your entire security posture, its time to take a serious look at how you will plan your defenses for 2012. One defensive technologies that is getting another look is Data-Loss Prevention (DLP) ((John Kindervag from Forrester just released some research on Rethinking DLP that is pretty interesting as well, especially his DLP Maturity Grid.)). By itself, an implementation of DLP can go a long way to ...

Herding Cats: Persona You (January 2012) standard

Have you checked out ISSA Connect yet? The next issue is up there with my column, Persona You. You can also download the November and December issues. I didn’t post them here as I have been tied up with a few other things! What does your online persona look like? This month’s column talks about the state of privacy in which we exist. Just last month we had a flurry of activity around CarrierIQ and the specific implementations for various carriers. Now you can see a little more into some of the other issues that can come along with your online persona. If you are a member, log into ISSA Connect and join the discussion! Interact with great professionals globally ...

2011, A Year in Review standard

2011 is in the books, and we’re looking ahead to what promises to be an interesting year for everyone. Economic uncertainty promotes crime, and more of our assets are migrating to an electronic medium every day. We saw big breaches. BIG breaches. Hactivisim and state sponsored cyber-warfare lead the pack on the biggest and most devastating breaches of 2011. This year we talked about PCI DSS as we normally do, but later in the year we made a decided shift in our focus to security—something I hope anyone dealing with PCI DSS has already done. I think you all liked the shift as well, considering the top four were written in the last half of the year. Here are the ...

Guest Post: Functionality and Benefits of WAF standard

The following guest post was provided by Ben Henderson, CISSP from Ensure Networks. Email him here. You can download the full paper here. The foremost functionality of a WAF is to secure web applications against application layer vulnerabilities. WAFs can be hardware devices or software that is deployed to monitor and protect web traffic. WAFs have the ability to enforce default and custom configured policies for browser to server transactions. They are similar to network firewalls on in the that WAF policies generally apply to IP addresses and ports. However, WAFs inspect HTTP traffic to normalize the data in the headers and URL parameters. They employ a variety of functions and work in parallel with IPS technology to enhance the ...

Guest Post: Virtualization Makes Everything Easier – Including Burning Bridges standard

The following guest post was provided by Richard Rees, CISSP, a Practice Manager for EMC Consulting’s Virtualization Security and Cloud Trust group. Email him here. The best thing about computers is they do exactly what you tell them to do, very quickly. However, the worst thing about computers is that they only do exactly what you tell them to do. I’m still waiting for an OS that contains DWIM code (Do What I Mean) without the evil of Clippy. Virtualization is the same thing – except even faster over a larger scale. Instead of computers needing DWIM capability, entire data centers need them. This applies to security as well – the traditional problems of security in a data center exist in ...

Guest Post: Getting Management to Buy into ITSM standard

The following guest post was provided by Erin Palmer on behalf of the online IT service management programs from Villanova University. Fore more info, check out Villanova online education courses. Despite large amounts of data and case studies singing the praises of ITSM, there are still managers reluctant to adapt to a change toward an ITSM system for a variety of reasons, including: Time: Managers generally think in the time frame of quarters, not six months or more. Risk: Managers see too much risk in a process where results may not be immediate. Cost: Cost benefit analysis may be a hard sell since initially the investment cost may be significant and the ROI will take place over ...

20th of December, 2011
In: Consumer Security, Enterprise Security, SOS
0
0

DNS Query Logging—Looking for Fires standard

Yesterday morning I was catching up on some RSS feeds ((In a world of Twitter, I know…)) and came across this interesting post from Trevor at ThreatSim entitled Fighting The Advanced Attacker: 9 Security Controls You Should Add To Your Network Right Now. After reading it, I had one of those “Ah-ha” moments where I looked at one of the recommendations and asked myself, “Why am I not doing that?” For those of you who know me (or have ever had to get on my home WiFi), you know that I have made my home network entirely too complex for what I need it to be. Three different DMZs is a little insane, don’t you think? But I did it ...

Don’t Forget, it’s Christmas for Scammers Too! standard

We’re well into the holiday season in the States, and that means that scammers are everywhere. With all of the holidays coming to a head this month, it’s Christmas for those scammers too. Here are several sites that can help you navigate scam from deal! As always, remember to be vigilant. Caveat emptor! If a deal looks too good to be true, it often is. That’s not to say there are not good deals to be had. If you are shopping for last minute holiday deals, be sure to deal with reputable establishments. If you smell something fishy going down with a deal, don’t be afraid to terminate the transaction and find somewhere else to buy. Be especially vigilant if ...

What Does IT Provisioning Look Like? standard

The title for this post is only funny if you read it in the voice of Jules Winnfield asking Brett to describe what Marsellus Wallace looks like. If you can get in that mindset (I can’t link to it, you just have to get there on your own), then this will be more effective. Imagine for a second that you are the CIO of a company (Jules Winnfield), and you are trying to build some information security features into the systems you are responsible for keeping up and running. You go to your CISO (Brett), or maybe the sales rep of the infosec vendor, and ask them how their product works in the new model of IT provisioning and operations. ...