[SANS ISC] Suspicious Endpoint Containment with OSSEC

I published the following diary on isc.sans.edu: “Suspicious Endpoint Containment with OSSEC”: When a host is compromised/infected on your network, an important step in the Incident Handling process is the “containment” to prevent further infections. To place the device into a restricted environment is definitively better than powering off the system

The post [SANS ISC] Suspicious Endpoint Containment with OSSEC appeared first on /dev/random.


Your Network Has Been Compromised. What Now?

Security experts agree: breaches are inevitable today, which is why it’s all the more important to have an incident response plan in place. Resolving the incident when you’re still able to communicate over your main network is hard enough b…

Emergency vs Continuous Incident Response

Would you rather be putting out fires or keeping a calm, predictable environment? Continuous monitoring of a cloud environment identifies vulnerabilities so threats can be dealt with before they become an actual problem. As soon as an infrastructure mo…

Cloud Security This Week – March 23, 2018

New from Evident.io A CISO’s Series of Unfortunate Events Considering the always-increasing potential for threats to your environment, a CISO’s day can become a montage of nightmares before their car even arrives in the parking lot. Inciden…

A CISO’s Series of Unfortunate Events

You’ve probably seen those quaint features in business publications like, “A Day in the Life of the CFO.” They always have some campy comments that try to make the person relatable (“…and at 9:34am, I finally get around to…

Evident.io Custom Signature Provides Protection in New Wave of DDoS Attacks

Only one week after a massive DDoS attack knocked GitHub offline, a new attack dubbed “Memcrash” used the same methods to hack a U.S. service provider by targeting memcache servers. In this case where almost 100,000 memcache servers were at…

Cloud Security This Week – February 16, 2018

Evident.io in the News Open AWS S3 Bucket Exposes Private Info on Thousands of Fedex Customers “There’s a whole hacker cottage industry around finding and exploiting S3 buckets, and it’s growing because as cloud environments grow, so …

The Olympics and 4,000 Government Websites Got Owned

Two recent discoveries in the world of cybersecurity – from the Olympics and via cryptojacking – highlight potential trends we can expect to see more of. High profile and brash, they portend an alarming extension of hacker activity. Olympic…

The Growth Mindset Applied to Cloud Security in Five Steps

Psychologist Carol Dweck has done research on the concept of “mindset” in humans, and she’s determined that those who seek growth and progress are happier, more fulfilled, and actually achieve more than those focused on quick wins. Tu…

Cloud Security This Week – January 19, 2018

New from Evident.io WEBINAR Replay: AWS S3 Security: Your 1 Week Action Plan In this webinar, Justin Hubbard, Enterprise Solutions Architect at Evident.io walked through the AWS S3 security features that will help keep your data secure. He discussed co…