July 21, 2015 | Javvad Malik

2015 Gartner Magic Quadrant for SIEM: Visionary Aliens

  AlienVault has been named the only visionary in Gartner’s 2015 magic quadrant for security information and event management (SIEM). As an ex-industry analyst I do not envy the amount of research effort that goes into creating a magic quadrant. There are several challenges which plagued me as an analyst when comparing vendors in a particular segment. One of the first…

July 21, 2015 | Mike Saurbaugh

Cybersecurity Assessment Tool (CAT) from FFIEC

“It’s Reigning CATs…” Scenario comment from the board room…“What’s our risk to external threats, and are we prepared? Better yet, how will we know?” asked a board member. Gone are the days where the board is not intimately involved in cybersecurity assessment and having an understanding as to the organization’s security posture. Like it or not,…

Get the latest security news in your inbox.

Subscribe via email

RSS

July 16, 2015 | Kenneth Coe

Third Step in Reducing the Cost to Implement a Security Plan

Step 3: Paint with Better Brushes In my previous blogs Step 1 and Step 2 were outlined. Now that we have covered some of the core issues, it is time to flush out the details. The only real way to do this is to read, and not just a little. Information is your friend here. No technology, product, solution, or approach can totally…

July 14, 2015 | Kate Brew

Rick Stiffler: Training Delivery at AlienVault

I interviewed Rick Stiffler, our Director of Training Delivery at AlienVault, to find out more about his experience and perspectives. I’ve taken the AlienVault USM for Security Engineers course from Rick, and attained my ACSE certification. I got to know more about him in the process and wanted to share a more personal side of Rick with all of…

July 13, 2015 | Javvad Malik

Javvad Malik’s first 3 months at AlienVault

There’s an old saying that someone once told me that, “You never truly know someone until you’ve either lived with them, travelled with them or conducted business with them.” With it being three months today with AlienVault I thought it would be a good time to take stock of where I stood. It’s been an extremely interesting…

July 9, 2015 | Patrick Bedwell

OpenSSL Vulnerability - Q&A About What It Means for You

Yesterday, the crew at OpenSSL.org published their highly anticipated ‘high-severity’ vulnerability and patch affecting OpenSSL v1.0.1 & 1.0.2. They had given the security community a heads-up several days ago about the upcoming announcement, and there had been much speculation about the details of the vulnerability. In case you’ve been trapped on a deserted island all day or in a conference…

July 7, 2015 | Kenneth Coe

Second Step to Reducing the High Cost of Implementing an Information Security Plan

In my last blog I discussed how to create and implement a security policy to reduce steps and lower the cost of securing your business. Now I’m tackling Step 2. Step 2: Divide and Conquer Local area networks should not be wide open spaces. Managing networks, in fact, is much easier if they are comprised of a number of smaller subnets…

July 2, 2015 | Stefano Gridelli

Thoughts on Infosec from a Networking Guy

My background isn’t security – it’s networking. Before cofounding NetBeez, a network monitoring startup, I used to design and build large-scale enterprise networks. Even if routing and switching has been my bread and butter, I have always been interested in network security. In the past, the network guy didn’t have to be all that involved in InfoSec, but…

June 30, 2015 | Javvad Malik

Securing data in the cloud: What’s so different? Tweetchat Roundup!

Following up from our hugely successful tweetchat around threat intelligence, we initiated another community mind-meld and sought to tackle some of the prevalent themes around cloud security. Queue "The Good, The Bad & The Ugly” and lets talk Cloud Security this Thursday #AskAnAlien.. http://t.co/TD5o5uOMS4 pic.twitter.com/71fNwWXjGx — AlienVault (@alienvault) June 23, 2015 We don…

June 29, 2015 | Garrett Gross

Elise Malware from Operation Lotus Blossom

Devotion to the mystic law of hack and defend... We keep seeing these Advanced Persistent Threat (APT) type attacks crop up throughout the world. One of the main differentiating factors in these attacks vs ‘common’ ones are the resources at their disposal: time, money, and, most importantly, the expertise required to develop custom pieces of malware to carry…

June 26, 2015 | Russ Spitler

The case for a common taxonomy for the description of malicious behavior

The task of defending our environments from attack is made more difficult from the lack of a common taxonomy for describing malicious behavior observed. Each security control we deploy describes the threats it can detect in a different manner, each providing little insight into the nature of the behavior being reported. This disparity and lack of consistency makes it difficult…

June 23, 2015 | Kenneth Coe

Three Steps to Reduce the High Cost of Implementing an Information Security Plan

This is the first blog of a three-part series. I’m in Support at AlienVault and spend my share of time on the forums. I have seen a few posts regarding the cost of implementing security processes and procedures on a network. This is a valid question to consider, as the prospect of creating a security policy and implementing…