Suggested Blog Reading – Thursday May 31st, 2007

ReadThese three day work weeks are fantastic! I’ve taken vacation tomorrow just to chill out before I head to Houston and boy am I looking forward to it.

Here’s the list:

Storage Array for your Splunk datastore – Oh how I wish I had one of these.

New Hotness: (Sun’s new “Low Cost Array” 25×0 series)

Announcing the Information Protection Assessment Toolkit (IPAT) – I suspect, based on the presenter, that this would be a very good program.

The Information Protection Assessment Toolkit is a process that helps you identify security issues and develop an information protection plan. It is the first step in protecting your organization from a breach. The launch program begins June 19th.
IPAT is unique in that it includes every member of your organization in the process of protecting information. Many of us already understand that we need to do this but struggle as to how. IPAT shows you how. Through the IPAT process you will more accurately identify key details about your information and clarify where it exists in your organization. It involves every person and prepares them to be more receptive to awareness training. The results are transformative. I’ll share a story with you next week.

Webcast Today – SIEM Shifts to Log Management – I wish I had more advanced notice of this Webcast so I could have made arrangements to participate.

LogLogic roundtable discussion on log management and intelligence is today. The panel will discuss the shift in the Security Information and Event Management (SIEM) paradigm as it moves toward log management. Topics covered in the panel include how leading enterprises use log management, when they use it, and some pragmatic approaches to deploying it enterprise wide and across different geographies.

An inside look at a targeted attack – Good analysis of a targeted attack.

With targeted attacks becoming regular news items, it might be a good time to have a closer look at a sample of a somewhat older one. Recently I received a potentially malicious e-mail that was originally distributed early 2006. After one year, the dropper, a Word document exploiting MS05-035 was recognized by only 9 out of VirusTotal’s 36 AVs as malicious.
This attack was clearly targeted through the scope of its distribution, limited to members of a specific organization, and the purported/spoofed source and content of the e-mail message. Each of these taken together created a valid context in which the message was interpreted by the recipient.

Auditing Secure Shell – Part I – This should be a good series if the first post is any indication of what is to come 🙂

This blog entry outlines a wide variety of audits and monitoring techniques that can be used to keep watch over the Secure Shell applications in use on your network. Examples for auditing SSH client and server configurations, vulnerabilities and logs will be discussed using Nessus, the Passive Vulnerability Scanner, the Security Center and the Log Correlation Engine.

Google Acquires Web Security Startup GreenBorder – This is all over the internet and I had many choices when referencing an article that spoke of it but I choose the DarkNet one because it was simple and to the point.

GreenBorder, a venture-backed startup founded in 2001 and based in Mountain View, California, where Google is also headquartered, offers security software that sets up temporary, virtual sessions each time a computer users surfs the Web, then discards the resulting data once the user is finished surfing.

The software allows technicians to insulate corporate networks so that malicious code hidden inside e-mail, instant messages or Web sites is automatically detected and contained.

Anton Security Tip of the Day #10: Email Tracking Through Logs – Good articles like this keep me coming back to Anton’s blog every day 🙂

Email tracking – oh, need I say more? 🙂 A nightmare for privacy fans – an “evil” weapon of lawyers and HR. Email tracking raises concerns that vary from a severe inability to do it all the way to having too much ability to do it. In this tip, we will focus on the following scenario: your boss says she just sent you an email; you never received it. What’s the story?

Scroll to top