April 27, 2014 | Barmak Meftah

From ISAC to ISAE: Let’s turn that word “Center” into “Exchange” and open the floodgates to all

Threat intelligence sharing is a hot topic right now, made all the more relevant by the series of high profile breaches that have plagued the retail industry since December. Target, Neiman-Marcus, Sally Beauty, Michael’s, Aaron Brothers… no doubt, more to come. These breaches have been covered by the media extensively, and there’s not much more…

April 24, 2014 | Joe Schreiber

MSSP - The New Acceptance

Wait, you want my keys? You'll just watch my house? I'm okay with that! From my last post you know I previously worked for an MSSP, but I've been on the other side working with them as well. Furthermore, I've staffed and cultivated analysts working inside MSSPs, created Incident Response systems and developed Metrics (fun, fun…

April 22, 2014 | Lauren Barraco

File Integrity Monitoring - Because Bad Guys are Sneaky

Sadly, perpetrators of malicious changes in IT don't just announce themselves. While on the surface, File Integrity Monitoring (FIM) doesn't appear all that sexy to security practitioners, it is a great way to deal with sneaky bad guys. It's forensic in nature - providing the ability to look at changes after-the-fact to figure out what happened. The…

April 15, 2014 | Lauren Barraco

Top 5 Problems with Traditional SIEM (Infographic)

Unlike security cameras, going from installation to insight with a traditional SIEM is far from straightforward. In this infographic, we’ll cover a few common problems with SIEM technologies, and how you can avoid those pitfalls with AlienVault Unified Security Management. SIEM is too complex. Collecting the right data, aggregating it, normalizing and correlating disparate technologies for that one…

April 11, 2014 | Jaime Blasco

What should I do about Heartbleed?

Heartbleed is not an exploit you want to ignore as an IT professional. It exposes passwords and cryptographic keys, and requires not only that you patch OpenSSL for each of the services using the OpenSSL library, but also that you replace the private keys and certificates so that attackers won’t be able to use any of the data…

April 10, 2014 | Jim Hansen

Windows XP End-of-Life: How USM and OTX can help avoid the security armageddon - Part 2

This is the second of a two-part blog focused specifically on Windows XP end-of-life. Recently, I sat down with our Director of Sales Engineering, Tom D’Aquino, to talk about the Windows XP End-of-Service that has everybody riled up. The end of service date should be no surprise. Microsoft has a pretty well-defined software lifecycle policy, and they make…

April 8, 2014 | Jim Hansen

Windows XP end-of-life: Security armageddon or just another day in the trenches? Part 1

This is the first of a two-part blog focused specifically on Windows XP end-of-life. When Microsoft announced their decision to End-of-Life Windows XP on April 8th, 2014, it caused quite the media stir, and continues to as we reach that date. I decided to sit down with our Director of Sales Engineering, Tom D’Aquino, to talk about what exactly…

March 25, 2014 | Conrad Constantine

Better than SIEM: Unified Security Management

In Part 1 of this series, we discussed what a SIEM actually is. In Part 2, we discussed what kind of logs you need for an effective SIEM implementation. So life should be grand, right? Nope, the big problem is that most systems’ log files don’t contain entries that say, “Help! Help! I’m being attacked!”…

March 19, 2014 | Russ Spitler

A practical approach to the Windows XP ‘Security Cliff’

There is an increasing amount of noise related to what it means when Microsoft stops releasing security patches for XP. While a lot of this noise is doom and gloom, it is also important to look at this from a practical perspective and determine exactly what we can do to see ourselves through this transition safely. As hard as we…

March 13, 2014 | Monica Tan

Designing for Everyday Security

In the 1980s, Don Norman wrote a book titled “The Design of Everyday Things”. In his book he describes the importance of product design when it comes to how humans interact with it. He describes human interactions with fixtures, chairs, doors, and software applications. One of the simple design principles that Norman talks about is that the…

March 11, 2014 | Jaime Blasco

Botnet bruteforcing Point Of Sale terminals via Remote Desktop

Every single day our automated systems analyze hundreds of thousands of malicious samples. Yesterday one of the samples caught my attention because the malware started performing bruteforce attacks against Remote Desktop using certain usernames and passwords. MD5: c1fab4a0b7f4404baf8eab4d58b1f821 Other similar samples: c0c1f1a69a1b59c6f2dab1813…

March 4, 2014 | Lauren Barraco

What’s New in AlienVault v4.5?

At AlienVault, we know that you never have enough time to dedicate to security and that’s why we’re laser focused on how to make threat detection and incident response more efficient for everyone. We know you probably have a full-time job in addition to security and that you can’t afford to waste time tracking…
