February 24, 2014 | Lauren Barraco

Spotted at RSA: UFO beaming down hope for a more secure tomorrow

The theme in the AlienVault booth is “You are not alone”, and while it’s easy to assume this is just a clever play on our alien name, we actually want all of our booth visitors to walk away understanding that, truly – you are not alone. In a world of single-purpose security tools and closed threat…

February 11, 2014 | Jaime Blasco

Building an Effective Incident Response Framework Infographic

Organizations are bombarded with potential threats every day. Most of these are small and irritating, not truly critical—but among those needles are little threads of larger actions at work. An incident response program enables you to pull out the needles that make up the haystack of the big picture. The ultimate goal of an incident response program is…

Get the latest security news in your inbox.

Subscribe via Email

January 22, 2014 | Lauren Barraco

The Life of a Security Researcher

Have you ever wondered what a security researcher does all day? From investigating malicious software to social engineering, security research is more than a full-time job - its a way of life. In the past year, we’ve seen security research hit the mainstream media as more organizations continue to get hit with malware, botnets and more. Today I…

January 7, 2014 | Ash Wilson

Network Security Monitoring: The nexus of network and security operations

I came into the network security monitoring mission from an infrastructure management role. I was 'that guy' who might block ACL changes if the word 'any' occurred twice in the same line, insisting that the systems and development crew be more specific with application traffic flow. Security, for me, was an aspect of my work. The company that I worked…

December 23, 2013 | Conrad Constantine

How to Handle Your First Security Breach: Survival Tips

So you've finally accepted it's just a matter of time before you need to handle your first security breach; despite all the work you've put in to your monitoring and response program, the long hours chasing down those last unidentified systems on the network, the endless meetings with department stakeholders and the uncountable hours optimizing your SIEM'…

December 17, 2013 | Sandy Hawke

What’s New in AlienVault v4.4?

Over the past ten years or so, I've worked on various computer security product teams. And in my experience prior to AlienVault, it felt like somewhat of an arms race with other vendors. Trying to release the next great big feature before the other guys can. And while that competitive spirit can sometimes produce leaps in technology innovation, as…

December 10, 2013 | Lauren Barraco

What are the most common types of malware?

APTs (Advanced Persistent Threats) get all the press, but generally the most common types of malware cause the most damage when considered in the aggregate. Broad-based attacker techniques are effective because they benefit from the reuse and recycling of the same basic sets of malicious code when targeting organizations. That's why it's important to drive awareness regarding these…

December 3, 2013 | Sandy Hawke

The Agony & Ecstasy of Open Source Software

An Interview with Dominique Karg, AlienVault's co-founder and Chief Hacking Officer One of the most interesting debates in IT/infosec circles is around the use of and reliance upon open source security software. Open source security software has its share of fans as well as detractors, and I thought it would be interesting to get a perspective from one…

November 26, 2013 | Sandy Hawke

Rethinking Vulnerability Management: The attacker’s perspective

Here's a really basic question... Why do we do vulnerability management? If your child asked you that question, how would you answer? It’s pretty simple really. We need to find and fix vulnerabilities because that’s what attackers exploit. You would then likely explain to your child that vulnerabilities are weaknesses, and weaknesses can be exploited…

November 19, 2013 | Patrick Bass

PCI DSS v3.0: What’s new and some key recommendations

On November 7, the Payment Card Industry (PCI) updated security requirements for handling credit card numbers and related data. The updated Data Security Standard (DSS) 3.0 reflects a number of key changes important to any organization that stores, processes, or transmits cardholder data (CHD). The new requirements become effective January 1, 2014. The older 2.0 standard will remain active until December 31, 2014 to help ensure adequate…

November 11, 2013 | Lauren Barraco

Log Analysis 101

The challenge for any security practitioner is the same: how to get adequate security visibility for your organization. Securing your environment requires an understanding of the current and evolving threat landscape as well as knowledge of network technology and system design. The traditional approach to event log analysis says “collect logs from everything connected to the network and let…

November 6, 2013 | Sandy Hawke

Top Five Myths About Log Management

Event logs provide all the information you need to troubleshoot operational errors, and investigate potential security exposures. They are literally the bread crumbs of the IT world. But as you're likely aware, finding the insight you need inside those scattered bread crumbs, isn't all that straightforward. Thankfully, there are some useful technologies that can assist with bringing together…

Watch a Demo ›
Get Price Free Trial