As 2015 draws to a close, we reminisce on our year of blogging. We blogged on so many interesting infosec topics, from Waterholes to PenTesting to threat intelligence beyond the hype. and shared security research in the Labs Blog. We are looking forward to providing more educational and useful blogs in 2016. As in 2015, we welcome and support guest bloggers who have contributions to make to the infosec community. Please subscribe to our blog to get all the new goodies in 2016. Here are the top 12 AlienVault blogs of the year:
- Watering holes exploiting JSONP highacking to track users in China. - Jaime Blasco shares AlienVault Labs research in this top blog of the year, on series of watering hole attacks that target NGO, Uyghur and Islamic websites
- IT Jokes from Spiceworks - This is a compendium of IT humor collected from the Spiceworks community. Not heavy on infosec content, but a definite crowd-pleaser.
- KilerRat: Taking over where Njrat remote access trojan left off - Peter Ewane, new to the AlienVault Labs team, shares interesting security reseach in his first AlienVault blog.
- IDS, IPS and UTM - What's the Difference? - Grant Leonard of Castra wrote this educational guest blog to help people understand the nuances and realities, especially between IDS and IPS.
- ElasticZombie Botnet - Exploiting Elasticsearch Vulnerabilities - Markus Manzke, with German partner 8ack, shares his research in this technical blog.
- Free and Commercial Tools to Implement the SANS Top 20 Security Controls, Part 1 - Rich Johnson, member of the Spiceworks community and guest blogger, shares lots of tool ideas for implementing the SANS security controls in this blog series.
- Penetration Testing vs. Vulnerability Scanning - What's the Difference? - Marcus Carey, CEO of vThreat, tells a story that people of all backgrounds will understand to explain the difference between pen testing and vulnerability scanning.
- Open Threat Exchange (OTX) - Now Including Social Sharing of Threat Data - Jaime Blasco unveils the new release of OTX in this blog, highlighting the new features.
- Dynamic DNS Security and Potential Threats - Tony Robinson shares his research on DNS security in this educational guest blog.
- 2015 Gartner Magic Quadrant for SIEM: Visionary Aliens - Javvad Malik recaps the 2015 Gartner MQ for SIEM, which includes AlienVault USM.
- AWS Intrusion Detection (IDS) - In this blog, Russ Spitler addresses the interesting issues around intrusion detection with AWS cloud and the shared security model.
- Threat Intelligence - Beyond the Hype - Michael Roytman, guest blogger from Kenna, does an interesting analysis on threat intelligence from a vulnerability researcher's standpoint.