Over the last six months the name Edward Snowden has been appearing in the news on an almost daily basis. He has appeared in articles about the US government, the National Security Agency and the CIA and reports have even suggested that he has received death threats from senior […]
Application Whitelisting is a technology that has been in use in the security world for quite a long time. For those who may not already be familiar with AWL, it is, as the name would imply, the opposite approach to blacklisting. Everyone is definitely familiar with blacklisting, because it […]
By now, the risks associated with phishing are well-known and well-documented. What is often misunderstood or overlooked is a hidden threat related to phishing. Brief Background: There are various forms of phishing, but each form has a similar objective: to elicit information from an unsuspecting victim (refer to this article for […]
A social engineering assessment is a very valuable tool in understanding the security exposure of most organizations. Since human beings tend to be the weakest link in any security strategy, this work can quickly identify which areas need to be addressed in the timeliest fashion. Another factor that needs […]
(or “Why PCI-DSS-Compliant Passwords Aren’t Enough” or “PCI-DSS-Compliant Password Analysis Reveals One-Quarter Still Trivially Compromisable”)
Thanks to PCI-DSS requirements and other security standards that specify a minimum length and strength of password, most sysadmins now have the awareness and patience necessary to set up a basic password policy. However, many […]
This article will briefly discuss the host-based intrusion detection system (HIDS) and an abstract approach that can be used to design an application firewall.
As per OSSEC, HIDS is an application-level firewall that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting, and active response. This is […]
In this article we’ll present the open source host-based intrusion detection system, which is needed if we would like to detect host-based attacks on our computer. First of all, we should emphasize that OSSEC is supported on most platforms including Linux, Mac, Windows, Solaris, HP-UX, ESX, etc. and is […]
It is hard to accept that nowadays, organizations get along without having an astute and decisive information system. Providing a reliable and coherent information system requires a solid security framework that ensures confidentiality, integrity, availability, and authenticity of the critical organizational assets.
Information Security Management System (ISMS) defines to setup […]
Welcome back to my continuing series of articles on Snort rule writing.
My first couple of installments in this series addressed some very simple rules in order to lay down a conceptual framework for the development of more complex rules. See Part 1 and Part 2.
In this article, we will […]
A patent is defined as an exclusive right or rights provided by a government to an inventor for a certain period of time in exchange for the public disclosure of an invention. A software patent is a patent for an invention involving software. The extent to which software […]
Welcome back to my series on Snort rule writing.
In my first installment, we covered the basic syntax of a simple rule. We established the fundamental framework for all Snort rules by laying a simple template. This template breaks the rule into two basic components, (1) the rule header and […]
History, wrote Norman Cousins, is a vast early warning system. When faced with a security difficulty, it can help us to reach back and to remember how impossible it seemed the first time something similar came up. In this piece, I want to take a look at an early […]
Snort, the open source intrusion detection and prevention (IDS/IPS) system, has proven its value and efficacy for over a decade and is ranked among the best IDS/IPS systems on the planet. Snort installations can be found on every continent and in nearly every nation. It has been deployed by […]
Everything we do on the Internet leaves digital fingerprints. Therefore, it is only logical that many web users are worried about the issue of privacy. Their worry is not without reason. Because privacy laws differ from country to country, a company is not legally obligated to ensure that the […]
Today most organizations have committed resources, developed policies, procedures, and tools, and set their organization and IT infrastructure to maintain their critical business process (Business Continuity Plan) and recover to their normal activities (Disaster Recovery Plan) as quickly as possible during unforeseen circumstances and major outages.
Having a plan for […]
Company success vs. cooperation inside the company
Forms of conflict
Reasons for bad cooperation
a) Mentality depending on the positions
b) Understanding of own role in the company
c) The most common sources and symptoms of conflict
d) Examples of bad cooperation and how to avoid them
Advice for when you are Project Manager
Five ways to […]
Previously, we looked at a major problem that organizations face when implementing Agile methodologies: the lack of competence of the people making decisions about how to manufacture, and who really has a lot to say about the finished product. Well first […]
See the McGraw Hill excerpt: Computer Incident Response Planning here:
N.K. McCarthy has more than 20 years of experience in the IT sector, most recently managing the information security operations/threat and vulnerability management team for a Fortune 100 corporation. He is a retired Lieutenant Colonel in the U.S. Marine […]
Boring topic? Maybe.
But if you believe what Gartner has to say: “Through 2016, 75% of CISO’s who experience publicly disclosed security breaches, and lack documented, tested response plans, WILL BE FIRED.”
Gartner said that (2012 Gartner Predicts) – CISOs may be fired for not having CIRPs…
I’m a big believer in […]
Traditional boot processes cannot stop sophisticated attacks instantiated before operating system load. Consequently, we need a method to ensure that when the operating system (OS) loads and the user logs in, the system is “clean” and trusted. The Unified Extensible Firmware Interface (UEFI) and the Trusted Platform Module (TPM) […]