Collaborate Disseminate
I’ve had the privilege of working in a few different SOCs at various maturity levels ranging from the stony shores of regulatory compliance – “Yes, we have a security solution”, to the deep shark-infested waters of a global enterprise under frequent attack by nation state-sponsored attack groups. Throughout all of these different engagements, I’ve worked…
The post Failure to Communicate: Why SOCs Fail! appeared first on Speaking of Security – The RSA Blog.
So far, we’ve discussed the first five keys to a successful identity assurance: business context, anomaly detection, machine learning, broader ecosystem, and consistent experience. Let’s close the series with an important topic for both end users and administrators: flexible authentication. Administration Flexibility When we think of providing flexibility for administrators, we focus on the authentication…
The post Six Keys to Successful Identity Assurance – Flexible Authentication appeared first on Speaking of Security – The RSA Blog.
Continue reading Six Keys to Successful Identity Assurance – Flexible Authentication
Fraud risk management has become a burden in recent years, and not just because the attackers have gotten better at their game. The tools and technologies used to detect and mitigate fraud events are better, but they are also plentiful. A recent RSA survey found that 57% of organizations use between 4 – 10 different tools…
The post The Next Generation in Consumer Authentication and Fraud Prevention appeared first on Speaking of Security – The RSA Blog.
Continue reading The Next Generation in Consumer Authentication and Fraud Prevention
Fraud risk management has become a burden in recent years, and not just because the attackers have gotten better at their game. The tools and technologies used to detect and mitigate fraud events are better, but they are also plentiful. A recent RSA survey found that 57% of organizations use between 4 – 10 different tools…
The post The Next Generation in Consumer Authentication and Fraud Prevention appeared first on Speaking of Security – The RSA Blog.
Continue reading The Next Generation in Consumer Authentication and Fraud Prevention
In my previous blog, Why Malware Installers Use TMP files and the Temp folder, I discussed the advantages malware can have by using atomic writes instead of simply copying the malware to the intended location. In this blog, I discuss how ransomware uses the same technique for its purpose and how it is different from…
The post How Ransomware uses TMP files and the Temp folder appeared first on Speaking of Security – The RSA Blog.
Continue reading How Ransomware uses TMP files and the Temp folder
Your diverse, dynamic user base demands fast, convenient authentication and access—no matter where they are or what devices they are using. But you need authentication to be secure above all, with visibility across all applications and resources (cloud to ground),the assurance that your users are who they say they are and entitled to the access…
The post Authentication Your Way: Have Your Security and Convenience, Too appeared first on Speaking of Security – The RSA Blog.
Continue reading Authentication Your Way: Have Your Security and Convenience, Too
Return on investment. Total cost of ownership. Productivity gains. Payback period? What am I – a financial wizard or a risk professional? If you are in the risk management profession today, you have to be both. Being a top notch security guru that can navigate SQL injection code or rattle off the NIST 800-53 control…
The post Risk Is a Reality, Make Sure Rewards are Too appeared first on Speaking of Security – The RSA Blog.
Continue reading Risk Is a Reality, Make Sure Rewards are Too
By Steve Mowll and Chris Williams Question: When it comes to the complexities of identity management, is what we try to do in identity management the problem or is it just inherently hard? Point: We might be making it harder than it needs to be. Setting complex requirements may affect long-term suitability and success. Chris…
The post YIN AND YANG: TWO VIEWS ON IAM – NATURE OR NURTURE appeared first on Speaking of Security – The RSA Blog.
Continue reading YIN AND YANG: TWO VIEWS ON IAM – NATURE OR NURTURE
On April 8th, an interesting DLL was uploaded from Canada to VirusTotal. What makes it interesting is that the detections on VirusTotal are mostly heuristics and do not settle on a single family. The malware is also configured to beacon to an RFC1918 internal IP address, however, the name 816db8a1916201309d2a24b4a745305b.virus indicates it was picked up…
The post SuperCMD RAT appeared first on Speaking of Security – The RSA Blog.
In previous blog posts in this series, we talked about many ways to intelligently determine the right level of assurance for users gaining access to specific resources. While much of the goal is to minimize interruptions in the user experiences for authentication, there are many times when the user needs to interact in some way…
The post Six Keys to Successful Identity Assurance – Consistent Experience appeared first on Speaking of Security – The RSA Blog.
Continue reading Six Keys to Successful Identity Assurance – Consistent Experience