Network isolation and segmentation explained
What is network isolation? A project management approach to designing, implementing, and operationalizing network isolation and micro-segmentation. Network segmentation (often referred to as network isolation) is the concept of taking your network and creating silos within it called VLANs (virtual local area networks) that separate assets in the networked environment based on the function of the asset within the…


Undivided we fall: decoupling network segmentation from micro-segmentation in the software defined perimeter
Introduction: As of today, no laws or regulations, not even the latest versions of PCI-DSS, HIPAA, and HITECH, make network segmentation or micro-segmentation compulsory for compliance. By making network segmentation discretionary -- even when transmitting, processing, or storing regulated data -- the number of breaches will continue to rise as companies err on the side of…


Digital Forensics According to the FORZA Model and Diamond Model for Intrusion Analysis
The Bridge on the River Forza. “We can teach these barbarians a lesson in Western methods and efficiency that will put them to shame.” -Colonel Nicholson (The Bridge on the River Kwai, 1957) Efficiency. Something we look to implement in everything we do, whether that be through the elimination of waste through Six Sigma, or other frameworks and methodologies, efficiency is…


One Flew Over the Cuckoo’s Test: Performing a Penetration Test with Methodology
“All I know is this: nobody’s very big in the first place, and it looks to me like everybody spends their whole life tearing everybody else down.” - One Flew Over the Cuckoo’s Nest (1975) I love this quote from this film and unfortunately, despite the fact that it’s now 41 years later since…


Understanding Electronic Control Units (ECUs) in Connected Automobiles and How They Can Be Hacked
Before you read any further, I must caution you that the weaknesses described in this article impact multiple ECUs on the market today and therefore have had all identifiers, such as references to specific automobile and ECU manufacturers, removed in the interest of responsible disclosure. While topics in this article will be discussed at a very superficial level, my talk…


Hacking Multifunction Printers: Lock, Stock and Two Smoking Printers
Introduction: Because networked printers are often configured with access to the organization’s file server, email server, and Active Directory, the potential risk is enormous, and unfortunately printers are the last device that the IT Security team even thinks about. As a matter of fact, in almost every single engagement we’ve been on at Brier & Thorn, it was the…


Counter-Insurgency Bullet Designed to Kill Insurgents is Like IT Security Looking for a Special APT Detector
What? A special bullet that is designed just to kill insurgents? That's ridiculous. Well of course it is. No one in their right mind at the Pentagon, no chief on the Joint Chiefs of Staff would ever propose something like that. They wouldn't because first of all, it's not possible to create a bullet that only kills…


Red teams; a diary from the garden of Red versus Blue
As with most terminology used in information technology, such as DMZ (or Demilitarized Zone), the term Red team was originally adopted from its use by the US military, which is still heavily used today in the ongoing force transformation of the Department of Defense. Red teaming can be used at multiple levels within a company, not just red team/blue…