July 14, 2015 | Kate Brew

Rick Stiffler: Training Delivery at AlienVault

I interviewed Rick Stiffler, our Director of Training Delivery at AlienVault, to find out more about his experience and perspectives. I’ve taken the AlienVault USM for Security Engineers course from Rick, and attained my ACSE certification. I got to know more about him in the process and wanted to share a more personal side of Rick with all of…

July 13, 2015 | Javvad Malik

Javvad Malik’s first 3 months at AlienVault

There’s an old saying that someone once told me that, “You never truly know someone until you’ve either lived with them, travelled with them or conducted business with them.” With it being three months today with AlienVault I thought it would be a good time to take stock of where I stood. It’s been an extremely interesting…

Get the latest
security news
in your inbox.

Subscribe via email


July 9, 2015 | Patrick Bedwell

OpenSSL Vulnerability - Q&A About What It Means for You

Yesterday, the crew at OpenSSL.org published their highly anticipated ‘high-severity’ vulnerability and patch affecting OpenSSL v1.0.1 & 1.0.2. They had given the security community a heads-up several days ago about the upcoming announcement, and there had been much speculation about the details of the vulnerability. In case you’ve been trapped on a deserted island all day or in a conference…

July 7, 2015 | Kenneth Coe

Second Step to Reducing the High Cost of Implementing an Information Security Plan

In my last blog I discussed how to create and implement a security policy to reduce steps and lower the cost of securing your business. Now I’m tackling Step 2. Step 2: Divide and Conquer Local area networks should not be wide open spaces. Managing networks, in fact, is much easier if they are comprised of a number of smaller subnets…

July 2, 2015 | Stefano Gridelli

Thoughts on Infosec from a Networking Guy

My background isn’t security – it’s networking. Before cofounding NetBeez, a network monitoring startup, I used to design and build large-scale enterprise networks. Even if routing and switching has been my bread and butter, I have always been interested in network security. In the past, the network guy didn’t have to be all that involved in InfoSec, but…

June 30, 2015 | Javvad Malik

Securing data in the cloud: What’s so different? Tweetchat Roundup!

Following up from our hugely successful tweetchat around threat intelligence, we initiated another community mind-meld and sought to tackle some of the prevalent themes around cloud security. Queue "The Good, The Bad & The Ugly” and lets talk Cloud Security this Thursday #AskAnAlien.. http://t.co/TD5o5uOMS4 pic.twitter.com/71fNwWXjGx — AlienVault (@alienvault) June 23, 2015 We don…

June 29, 2015 | Garrett Gross

Elise Malware from Operation Lotus Blossom

Devotion to the mystic law of hack and defend... We keep seeing these Advanced Persistent Threat (APT) type attacks crop up throughout the world. One of the main differentiating factors in these attacks vs ‘common’ ones are the resources at their disposal: time, money, and, most importantly, the expertise required to develop custom pieces of malware to carry…

June 26, 2015 | Russ Spitler

The case for a common taxonomy for the description of malicious behavior

The task of defending our environments from attack is made more difficult from the lack of a common taxonomy for describing malicious behavior observed. Each security control we deploy describes the threats it can detect in a different manner, each providing little insight into the nature of the behavior being reported. This disparity and lack of consistency makes it difficult…

June 23, 2015 | Kenneth Coe

Three Steps to Reduce the High Cost of Implementing an Information Security Plan

This is the first blog of a three-part series. I’m in Support at AlienVault and spend my share of time on the forums. I have seen a few posts regarding the cost of implementing security processes and procedures on a network. This is a valid question to consider, as the prospect of creating a security policy and implementing…

June 18, 2015 | Russ Spitler

Intrusion Detection in AWS to meet PCI Compliance

Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. In my previous blog I discussed the difficulties using Intrusion detection (IDS) in AWS to gain visibility. Often the drive for AWS intrusion detection is to meet the requirements of regulatory compliance - in particular PCI Requirement 11.4. The question becomes, now…

June 16, 2015 | Jaume Ayerbe

A los demonios no hay que creerles ni cuando dicen la verdad

Si me permiten citar nuevamente a Gabriel García Márquez, "A los demonios no hay que creerles ni cuando dicen la verdad." Ese pasaje llegó a mi mente hace unos días cuando tuve el honor de ser ponente en "Mundo Hacker Day" , un evento de seguridad cibernética de dos días, en Madrid, España; respaldado por…

June 16, 2015 | Jaume Ayerbe

On Security Awareness - Mundo Hacker Day

If you allow me to quote once again Gabriel García Marquez, Demons should not be trusted, even when they say the truth That passage came to my mind few days ago when I had the honor to be a speaker at Mundo Hacker Day, a two-day cyber security event in Madrid, Spain backed by the popular TV program with…