September 18, 2014 | Kate Brew

Information Security in Higher Education: SANS Survey with Interesting Findings

SANS conducted a survey in June, Higher Education: Open and Secure?, where they surveyed almost 300 IT professionals in Higher Education. Based on the results, Higher Ed institutions clearly have information security concerns and priorities that are a bit different from those of the typical enterprise. You really can't "lock down" Higher Ed: the whole premise of higher education involves…

September 5, 2014 | Garrett Gross

Brute Force Attacks & How They’ve Been Used to Access Nude Celebrity Photos

Thanks to recent events involving certain celebrities’ stolen pictures, “brute-force attack” is now one of the hot buzz words making its rounds on the intertubez. However, if you asked most people, they probably couldn’t even hazard a guess as to what is actually involved in a brute force attack. As an IT professional - do…

August 27, 2014 | Garrett Gross

Close Encounters of the Nerd Kind - SQL Injection Attack Examples

Hi folks – thanks for checking out the first in a blog series I’m doing - “Close Encounters of the Nerd Kind”, which focuses on information security, hacking, and current threats out in the wild. The title was probably too easy of a joke, but “Dr. Botnet or: How to Learn to Stop Worrying and…

August 21, 2014 | Lauren Barraco

Defend like an attacker: Applying the cyber kill chain

Understanding the cyber kill chain gives you an advantage. With the constantly evolving nature of most threats, it can be difficult to address every incident and alert that occurs in your environment. Effective incident response requires effective methods of prioritization: Deciding which alerts to focus on and in which order. In general, we’ve relied on a few standard…

August 15, 2014 | Jimmy Vo

Security Incident Handling and SIEM

It was 9:00 a.m. on a Wednesday morning and I was sitting in front of a testing computer. Laid across my small work area were five SANS 504 (Hacker Techniques, Exploits, and Incident Handling) books which were accessorized with colorful sticky tabs. As I answered questions regarding the security incident handling phases outlined by SANS my mind started wandering off, as…

August 11, 2014 | Fabrizio Siciliano

BadUSB: How To Do USB Device Detection with OSSEC HIDS and AlienVault USM

In a talk last week at Black Hat, a new form of malware that operates inside USB devices and can cause full system compromise with a self-replicating USB virus was discussed. With this type of evil associated with USBs, I thought to share a small how-to on detecting and alerting in AlienVault’s USM platform whenever a USB device …

July 23, 2014 | Kate Brew

Karl Hart, Security Analyst and AlienVault User

To get more of a practitioner’s view of AlienVault, I recently reached out to Karl Hart, IT Security Analyst and AlienVault user. Karl works at a privately-held financial institution in Ohio, and he is involved in every aspect of IT security. This includes incident response, vulnerability assessment, policies, procedures, and penetration testing. Since his company is privately held,…

July 8, 2014 | Branden Williams

PCI DSS Logging Requirements

When it comes to PCI DSS Logging Requirements, sometimes the most challenging requirements to meet are the ones that can be the easiest technically to achieve. In dealing with logging, every single system around has the capability to meet PCI DSS, but managing those logs and ensuring they are continually being generated can be challenging. The common problem that companies…

June 24, 2014 | Jimmy Vo

SANS Top 20 Critical Security Controls and Security Monitoring (SIEM)

While resources such as the SANS 20 Critical Controls are helpful, businesses of all sizes face similar struggles with building and maintaining their security programs and determining their critical security controls. This can be disastrous because motivated attackers may target organizations found to lack basic security controls. The deficiency in security controls is often attributed to: Lack of internal talent Lack…

June 19, 2014 | Xavier Mertens

Tracking Patient Zero

In medical science, the patient zero is defined as “the initial patient in the population of an epidemiological investigation” (Source: Wikipedia). Information security has many links with medical science; after all, the term “virus” is used in both worlds. Wikipedia defines virus as “a small infectious agent that replicates only inside the living cells of other organisms.…

May 29, 2014 | Darrick Kristich

The Road to Compliance AND Security: Why business needs a new approach

Almost every week another major company is in the media for another security breach or data leak. Last week it was eBay. This week, it was Spotify and Office, a UK-based clothing retailer. With this continued coverage on security issues, comes a growing concern that businesses are having an increasingly difficult time maintaining a solid security posture. Pile on the…

May 27, 2014 | Kate Brew

Security by Sharing! OWASP Austin: Talk on Crowd-Sourced Threat Intelligence

Jaime Blasco of AlienVault with Kyle Smith, OWASP Austin Chapter President. Jaime spoke at the Austin OWASP chapter meeting on 5/27. He is a security researcher with broad experience in network security and malware analysis. The last OWASP meeting Jaime presented at was in Barcelona six years ago, when he was doing penetration testing. A video recording of the talk is here …
