December 22, 2008
by Andrew Hay
0 comments
Something strange happened the other day. While reviewing my enterprise logs in our evaluation QRadar SIEM solution (nice plug right?) I noticed that an internal IP address was scanning the internal IP address of our firewall cluster. The source port … Continue reading
December 19, 2008
by Andrew Hay
0 comments
Windows Physical Memory: Finding the Right Tool for the Job « SANS Computer Forensics, Investigation, and Response (tags: security forensics windows tools live memory) System Advancements at the Monastery » Blog Archive » Zenmap Great post and a great addition … Continue reading
December 19, 2008
by Andrew Hay
2 Comments
Throughout history war has become increasingly complex and tactics have evolved to compensate. In ancient times, walls were built to protect your city, foot soldiers made up the bulk of your army, and both sides knew how the battle would … Continue reading
December 18, 2008
by Andrew Hay
0 comments
Tis the season I guess. To add to Andy Willingham’s recent posts (part 1 / part 2) entitled How to NOT sell me security products, I too have experienced one of the worst sales calls I have ever been on … Continue reading
December 18, 2008
by Andrew Hay
3 Comments
Rob Fuller brought up an interesting question on Twitter today: Now, everyone who responded that you are still at IE in the enterprise. Why? Did you show TPTB clickjacking and it’s effects? Here is why I believe organizations cannot simply … Continue reading
December 16, 2008
by Andrew Hay
0 comments
Vista Wireless Power Tools for the Penetration Tester Paper from Josh Wright of InGuardians on Vista Wireless Power Tools. (tags: wireless power tools penetration testing) Cisco 2008 Annual Security Report (pdf) Trends collected between January and October 2008. (tags: cisco … Continue reading
December 13, 2008
by Andrew Hay
0 comments
Jeremiah Grossman: Budgeting for Web Application Security (tags: web application security ROI incident response risk) Give Your Forensic Images the Boot, Part I « SANS Computer Forensics, Investigation, and Response (tags: forensics incident response analysis) Security Vulnerability Research & Defense … Continue reading
December 13, 2008
by Andrew Hay
0 comments
I frequently get into heated casual debates over which is more valuable, a technical certification or a University degree. Based on the following article I guess I was wrong all along. It turns out that simply having a piece of … Continue reading
December 11, 2008
by Andrew Hay
0 comments
December 4, 2008
by Andrew Hay
0 comments