State Of Security Podcast Episode 13 Is Out

Hey there! I hope your week is off to a great start.

Here is Episode 13 of the State of Security Podcast. This new “tidbit” format comes in under 35 minutes and features some pointers on unusual security questions you should be asking cloud service providers. 

I also provide a spring update about my research, where it is going and what I have been up to over the winter.

Check it out and let me know what you think via Twitter.

SilentTiger Targeted Threat Intelligence Update

Just a quick update on SilentTiger™, our passive security assessment and intelligence engine. 

We have released a new version of the platform to our internal team, and this new version automatically builds the SilentTiger configuration for our analysts. That means that clients using our SilentTiger offering will no longer have to provide any more information than the list of domain names to engage the process. 

This update also now includes a host inventory mechanism, and a new data point – who runs the IP addresses identified. This is very useful for finding out the cloud providers that a given set of targets are using and makes it much easier to find industry clusters of service providers that could be a risk to the supply chain.

For more information about using SilentTiger to perform ongoing assessments for your organization, your M&A prospects, your supply chain or as a form of industry intelligence, simply get in touch. Clients ranging from global to SMB and across a wide variety of industries are already taking advantage of the capability. Give us 20 minutes, and we’ll be happy to explain! 

Network Segmentation Month

February is Network Segmentation Month at MSI. During February, our blog and social media content will focus on network segmentation initiatives. A how, why, when, what and who –  kind of look at creating secure enclaves within your network.

These enclaves could be based on risk zones, types of systems, types of access, business process, regulatory requirements or many other meta factors. 

We will discuss different reasons for segmenting, approaches to segmentation, some of the lessons we’ve learned from segmenting some of the largest and most complex environments in our 25 year history. It won’t all be positive – we’ll also share some of the ways that segmentation fails, some of the challenges and some of the drawbacks of segmenting networks.

So, strap in and stay tuned for a month of content focused on using segmentation to better secure your environment.

As always, if you have stories to share or want to discuss a specific segmentation question, you can do that via email (info@microsolved.com) or via Twitter to @microsolved or to me personally. (@lbhuston) MSI is always available to help you with segmentation projects, be that planning, implementation, oversight or attestation. We have a proprietary, data-centric approach to this work which we have been using for several years. You can learn more about it here – MachineTruth. We look forward to hearing from you!

State of Security Episode 12 Now Aavailable

We’ve just released episode 12 of the State Of Security Podcast. This time around, I answer questions from listeners. Things like the idea of a “Great Firewall” for the USA, the hack of the DNC, questions about launching products, working with mentees and even what I read in 2016. 

There’s some good stuff in here, and the podcast is just less than an hour. 

Check it out and let me know on Twitter what you think (@lbhuston) or drop @microsolved a line. 

Happy New Year, folks, and thanks for listening! 

Introducing AirWasp from MSI!

NewImage

For over a decade, HoneyPoint has been proving that passive detection works like a charm. Our users have successfully identified millions of scans, probes and malware infections by simply putting “fake stuff” in their networks, industrial control environments and other strategic locations. 

 

Attackers have taken the bait too; giving HoneyPoint users rapid detection of malicious activity AND the threat intelligence they need to shut down the attacker and isolate them from other network assets.

 

HoneyPoint users have been asking us about manageable ways to detect and monitor for new WiFi networks and we’ve come up with a solution. They wanted something distributed and effective, yet easy to use and affordable. They wanted a tool that would follow the same high signal, low noise detection approach that they brag about from their HoneyPoint deployments. That’s exactly what AirWasp does.

 

We created AirWasp to answer these WiFi detection needs. AirWasp scans for and profiles WiFi access points from affordable deck-of-cards-sized appliances. It alerts on any detected access points through the same HoneyPoint Console in use today, minimizing new cost and management overhead. It also includes traditional HoneyPoints on the same hardware to help secure the wired network too!

 

Plus, our self-tuning white list approach means you are only alerted once a new access point is detected – virtually eliminating the noise of ongoing monitoring. 

 

Just drop the appliance into your network and forget about it. It’ll be silent, passive and vigilant until the day comes when it has something urgent for you to act upon. No noise, just detection when you need it most.

 

Use Cases:

 

  • Monitor multiple remote sites and even employee home networks for new Wifi access points, especially those configured to trick users
  • Inventory site WiFi footprints from a central location by rotating the appliance between sites periodically
  • Detect scans, probes and worms targeting your systems using our acclaimed HoneyPoint detection and black hole techniques
  • Eliminate monitoring hassles with our integration capabilities to open tickets, send data to the SIEM, disable switch ports or blacklist hosts using your existing enterprise products and workflows

More Information

 

To learn how to bring the power and flexibility of HoneyPoint and AirWasp to your network, simply contact us via email (info@microsolved.com) or phone (614) 351-1237.


 

We can’t wait to help you protect your network, data and users!


State of Security Podcast Episode 11 is Out!

“Hey, I heard you missed us. We’re back! … I brought my pencil, give me something to write on, man!” — Van Halen

That’s right – we heard you and we’re back. It took 7 months to rework the podcast format, find a new audio post processor to partner with, close the deal, do some work on the Honorary Michael Radigan Studios and bring the whole thing back to you in a new audio package. Whew! 🙂 

That said, check out the new episode of the podcast as Lisa Wallace tears into malware history, discusses why she loves infosec and gives some advice to women working in the industry. There’s a lot of great stuff here, packed into ~40 minutes.

Look for new episodes coming soon, and hopefully with an increased pace. Hit me up on Twitter and let me know what you think! (@lbhuston). Enjoy the audio goodness and thanks for listening!

 

MSI’s Targeted Threat Intelligence is Adding Huge Value to M&A Due Diligence

Many of our clients have been using our Targeted Threat Intelligence service offerings to assist them with due diligence efforts around mergers and acquisitions activities. For many years, clients have leveraged MSI services during and after an acquisition, usually to perform security assessments, identify control gaps and validate remediations. Our network discovery and mapping tools, including MachineTruth, have been an excellent fit for helping them understand exactly what their new architectures look like and where it makes sense for interconnections and network hardening.

Now, with TigerTrax™ and MSI’s passive assessment platform, our threat intelligence and passive assessment capabilities are aiding clients in the due diligence process, making us an excellent partner throughout the M&A lifecycle! These new offerings allow us to add brand/trend data and cyber-security analysis to potential M&A targets, before they are even aware that they are prospects and without their knowledge or contractual engagement. It allows organizations more flexibility in identifying potential Intellectual Property leaks, poor security practices or other IT risks before approaching an acquisition target. The brand/trend reputational data is blended in, providing a new lens to look for potential issues around customer service, activism, impacts from poor online or data hygiene, etc.

While these same techniques have proven to be a boon for vendor supply chain security, they have been leveraged in M&A activity for a year longer. MSI has a strong history in this space and continues to innovate with new data sources, optimized processes and bleeding edge tools for making M&A safer, more efficient and more profitable. To learn more about our M&A offerings, hear about our work and research in the M&A space or discuss how we can assist your organization with M&A services, please drop us a line at info@microsolved.com, or give us a call at (614) 351-1237 today. We look forward to working with you! 

Join the MSI Team and Take Your Python Skills to the Edge

MSI is currently seeking a full time Python programmer to join our team at HQ in Columbus!

If you more than “know your way around Python”, like to build web front ends and bleeding-edge cool machine learning/NLP back ends, get in touch.

We are seeking someone to assist with ongoing development of our current product line and to help in developing new products and capabilities to extend our concepts even further.

Must be located in Columbus, OH – sadly, no relocation or remote working for this position. But, Columbus is an amazing place to live and has an awesome tech community, so we love it here! 

To join our team, you must be an excellent Python problem solver, be willing to tackle tough technical issues, be self motivated, enjoy working with Linux, Windows and OS X and be a good fit for a close group of highly technical team members who are also close friends. Our team has a 24 year history of excellence, so bring your A game…

If you’d like to talk to us about becoming a part of MSI, drop us a line – info@microsolved.com with your resume, a couple of paragraphs about why you would like to join us and some links to code or projects online that you have created. We look forward to hearing from you!