Hardware Based Computer Security Techniques to Defeat Hackers (Wiley) by Roger Dube, maps out solutions for hardware devices used by the Intelligence and Defense communities. Dube begins with an overview of the basic elements of computer security and then covers areas such as cryptography, bootstrap loading, and biometrics. Chapter Twelve does a good job [...]
We are currently seeking resellers for our HoneyPoint line of products and our professional services. We are open to discussing this with any firms interested in creating a virtual security practice and helping us present our HoneyPoint products to their markets. We have a strong interest in working with partners in South America, Europe and [...]
I have a bone to pick with the idea of vendors suddenly offering price drops on their assessments and such “in response to the financial crisis.” In my opinion, this is nothing more than a gimmick. A cheap come-on to win more business while the times are tough and the chips are down. If you [...]
One of the most common questions I get asked is “How can I become an information security professional?”. These days, it seems that a ton more people want to be in the “business” of information security. I get the question so often, I thought I would write this post as a quick and easy way [...]
SANS and Dshield today announced the public availability of a new honeypot project for gathering web application attack patterns and trends. The tool is available at no charge and will feed into the ongoing DShield project data stream. This is a great project and I am very happy to hear that more public attention will [...]
Wanna be bad at information security? Can you afford it? Various sources, metrics and industry studies put a variety of numbers to data loss, but the general range is around $200-$250 per compromised customer/client/credit card, etc. How many pieces of identity data does you company protect? How many clients do you have? How many employees [...]
Last night, @mubix pointed out a certain phrase that would result in a re-tweet of the attached content on Twitter. The interesting thing that got me going on this was that the folks in question had established an application to watch the Twitter stream and forward any content that mentioned the phrase to their followers. [...]
I have been working with several clients to create a new process for combating insider threats. This new approach we have been calling “scattersensing”. Using this technique (or a variation of it), you can cheaply, effectively and efficiently identify overt insider threats that may be occurring around your organization’s network. Scattersensing, when done with this [...]
Organizations today are facing increased pressure to combat the “insider threat”. More and more compromises are occurring from “inside the secure perimeter”. The financial crisis, exploding use of mobile technologies, surges in bot-net infections and capabilities plus a myriad of other conditions are only making the problem more urgent. This condition exists across market verticals [...]
Recently, Brent made some bleeding-edge discoveries about a set of 0-Day vulnerabilities. Since 0-Day vulnerabilities are such a powerful weapon of cyber-attackers, we wanted to take a few minutes and talk with him about what happened. Grab a cup of coffee and learn! Powered by Podbean.com