New AT&T Cybersecurity Managed Threat Detection and Response service
With access to more resources than ever before, cybercriminals are rapidly scaling their operations, making every organization a potential target for a cyberattack. And, they are constantly shifting their tactics to exploit new vulnerabilities and slip past perimeter-based controls undetected. Meanwhile, the longer a threat goes undetected in a network environment, the greater the potential for damage through a security…


Forrester Says that AlienVault “Challenges” Enterprise SIEM vendors
Forrester just released their “Security Analytics Wave” report that evaluates Security Analytics/SIEM technologies used by large enterprises (5000+ employees). I am super excited that AlienVault was included for the first time and placed as a “Challenger”. This is quite incredible if you think about it. To include AlienVault as a challenger in a group of…


Threat Intelligence Feed is for Horses
Threat Intelligence Feed. There, I said it. I have not said that phrase in 5 years. To me, that is the worst phrase in the InfoSec industry. I often find myself in conversations where people use it, and at first I swallow hard and pretend it doesn't bother me. I will engage and try to let it pass me by,…


New features in OTX enhance collaboration and sharing of threat intelligence
Today we have released two major new features in Open Threat Exchange (OTX). For those of you who have not yet signed up – OTX is an open community that allows you to get updates related to the latest threats as well as collaborate with other security professionals to research and report activity you observe in your environments. AlienVault USM customers…


The case for a common taxonomy for the description of malicious behavior
The task of defending our environments from attack is made more difficult by the lack of a common taxonomy for describing the malicious behavior observed. Each security control we deploy describes the threats it can detect in a different manner, each providing little insight into the nature of the behavior being reported. This disparity and lack of consistency makes it difficult…


Intrusion Detection in AWS to meet PCI Compliance
Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. In my previous blog I discussed the difficulties using Intrusion detection (IDS) in AWS to gain visibility. Often the drive for AWS intrusion detection is to meet the requirements of regulatory compliance - in particular PCI Requirement 11.4. The question becomes, now…


AWS Intrusion Detection (IDS)
Note: The product previously mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. If you are starting a project to increase your visibility in AWS it won’t be long before you reach for your trusty old network-based IDS. However, just like the rest of us, you will soon start tearing at your…


A Drafty House: Analysis of the Current Use of AWS EC2 Security Groups
Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. After a very confusing set of results from a survey we ran and exploring the new world of threat detection and incident response in AWS, we decided to go out and do a little research to see how the world was…


A Brave New World
Dealing with Security Monitoring in Amazon Web Services (AWS). Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. As you know, AlienVault just launched USM for AWS and we are very excited about bringing value and controls to AWS users in securing their environments. Here is some of the thinking…


AlienVault Launches New Offering for Threat Detection and Incident Response in AWS
Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. Today we are launching USM for AWS, our newest offering focused on providing threat detection and incident response for AWS. We have had the ability to monitor AWS environments in our core USM product line for almost two years now, however…


Cloud Security Confusion: Who Owns What?
At BlackHat this past summer, we ran a survey in our booth asking a series of questions related to security in the cloud. We had more than 500 respondents and the signal was quite strong – everyone is confused about security in the cloud! Let’s start with the simplest, most basic question – who is responsible for security? To…


Cloud Security: Time to “Wise Up”
The market for cloud, or Internet, computing, in which software and information are available on demand, has surged in recent years. Market research firm IDC expects businesses worldwide to spend $57.4 billion by the end of this year - double that of only a few years previously. Does this signal a brave, new world of 'cloud without borders' and is this…