Hardware Inventory

Background on Hardware Inventory and CIS CSC Version 8 Safeguards

As technology advances, so do the security risks that come with it. To mitigate cybersecurity threats, organizations need to implement strict security measures. One such measure is the implementation of hardware inventory procedures that align with CIS CSC Version 8 safeguards and industry-standard best practices.

Hardware inventory procedures involve the comprehensive tracking and management of all hardware assets owned by an organization. This includes everything from desktops and laptops to servers and network devices. Organizations can better understand their attack surface and potential vulnerabilities by maintaining a detailed inventory.

CIS CSC Version 8 safeguards outline a set of 18 critical security controls that are considered best practices for securing an organization’s network and data. These controls cover various security requirements, including access control, incident response planning, and audit log management.

When it comes to hardware inventory specifically, the following CIS CSC Version 8 safeguards are crucial:

– Inventory of Authorized and Unauthorized Devices: This safeguard involves creating and maintaining a detailed inventory of all authorized and unauthorized devices. By doing so, organizations can more easily detect and remove any unauthorized devices that could potentially pose a security risk.

– Inventory of Authorized and Unauthorized Software: Similar to the above safeguard, this control involves maintaining a detailed inventory of all authorized and unauthorized software. This way, organizations can ensure that only authorized software is used on their hardware, which helps maintain a security posture.

– Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers: By implementing secure configurations for hardware and software, organizations can minimize any vulnerabilities.

Implementing these CIS CSC Version 8 safeguards, in addition to industry-standard best practices, can help organizations to create a strong security posture and protect against security breaches and other potential impacts.

Why Hardware Inventory is Essential

Hardware inventory may seem tedious and time-consuming, but it is essential for any organization that wants to maintain a solid cybersecurity posture. Keeping track of every piece of hardware owned by the organization not only helps to prevent unauthorized access but also enables you to identify potential security risks and vulnerabilities in your network. It’s essential to know what hardware you have, where it’s located, and what software is installed on it, especially when dealing with many devices.

Failure to maintain a detailed hardware inventory could result in security breaches, where malicious actors gain access to your network and sensitive information. An organized and up-to-date inventory helps to streamline audits, improve compliance, and quickly identify any changes to the hardware or software environment. By knowing what you have and what you need, organizations can implement appropriate controls to protect their assets from cybersecurity risks more effectively. Furthermore, the inventory could also help identify under-utilized or over-utilized equipment, providing insights for better, data-driven decisions in managing assets.

In conclusion, hardware inventory is critical in securing an organization’s infrastructure and safeguarding sensitive information. It enables organizations to identify assets, keep track of changes, and detect any vulnerabilities that could pose a threat. A detailed inventory helps implement appropriate controls to mitigate risks, improving an organization’s overall cybersecurity posture. Therefore, every organization should take the time to maintain an up-to-date list of their hardware assets to ensure they remain protected against cyber threats.

Best Practices for Hardware Inventory

Having a detailed and up-to-date inventory of your hardware is essential in maintaining your organization’s security. Here are some best practices based on CIS CSC version 8 to help you maintain a secure hardware inventory:

1. Conduct a regular inventory: It is recommended that you conduct a physical inventory of your hardware at least once a year or when significant changes occur in your organization.

2. Identify assets: You should identify all the hardware assets that require inventory, including servers, desktops, laptops, tablets, and smartphones.

3. Document all information: Record all the relevant information for each asset, including make, model, serial number, location, owner, and software installed.

4. Asset management: Use a centralized asset management system to maintain an accurate inventory and track changes or updates.

5. Establish access controls: Ensure only authorized personnel have access to the hardware inventory and limit their access to only the required information.

6. Conduct regular audits: Regular audits ensure your inventory is accurate and up-to-date. Make sure that all changes are documented for future reference.

7. Implement Threat Prevention: Establish threat prevention measures for hardware, such as installing security software, monitoring for unauthorized changes, and training employees to recognize and report potential security threats.

8. Develop an incident response plan: Develop an incident response plan that outlines how to respond to any security incidents related to your hardware inventory.

By following these best practices, you can maintain a secure and efficient hardware inventory and protect your organization from potential security risks.

Hardware Inventory Sample Policy

Our organization takes cybersecurity seriously and strives to maintain a robust security posture that protects our assets and our customers’ data. As part of our efforts to mitigate potential security risks, we have established a strict policy for hardware inventory that complies with the CIS CSC Version 8 Safeguards and Industry Standard Best Practices.

1. Regular Inventory: We will conduct a physical inventory of all our hardware assets at least once a year or whenever significant changes occur in our organization. This will ensure that we have an accurate and up-to-date inventory of all our hardware assets.

2. Identify Assets: We will identify all the hardware assets that require inventory, including servers, desktops, laptops, tablets, and smartphones. This will help us keep track of all our hardware assets and prevent security breaches.

3. Document Information: We will carefully document all relevant information for each asset, including make, model, serial number, location, owner, and software installed. This will help us maintain an accurate inventory of our hardware assets and facilitate quick identification in case of any security incidents.

4. Asset Management: We will use a centralized asset management system to maintain an accurate inventory and track changes or updates. This will help us keep track of all our hardware assets and ensure our inventory is always current.

5. Access Control: Access controls will be established to ensure only authorized personnel can access the hardware inventory and limit their access to only the required information. This will help us prevent unauthorized access to our hardware inventory and mitigate potential security risks.

6. Regular Audits: We will conduct regular audits to ensure our inventory is accurate and up-to-date. Any changes to our inventory will be documented for future reference. This will help us identify any discrepancies and correct them quickly.

7. Threat Prevention Measures: We will establish threat prevention measures for hardware, such as installing security software, monitoring unauthorized changes, and training employees to recognize and report any potential security threats. This will help us prevent any security breaches and mitigate potential security risks.

8. Incident Response Plan: We will develop an incident response plan that outlines how to respond to any security incidents related to our hardware inventory. This will help us respond quickly and efficiently to security incidents and prevent data breaches.

By following this policy, we can ensure the security and integrity of our hardware inventory, mitigate potential security risks, and protect our organization’s assets and our customers’ data.

Hardware Inventory Sample Procedures

Hardware Inventory Sample Procedures:

1. Regular Physical Inventory Check-ups: Perform a physical inventory of all hardware assets at least once a year or whenever major organizational changes occur. This ensures an accurate and up-to-date inventory of all hardware assets is maintained.

2. Identify Hardware Assets: Identify all hardware assets that require inventory, including servers, desktops, laptops, tablets, and smartphones. Accurately identifying these assets helps track them and prevents any security breaches.

3. Document Information: Document all relevant information about each hardware asset, including make, model, serial number, location, owner, and software installed, to maintain an accurate inventory of assets. The documentation helps quickly identify all hardware assets in case of any security incidents.

4. Use a Centralized Asset Management System: Establish a centralized asset management system to maintain an accurate inventory and track any changes or updates to the hardware asset details. This helps keep track of all hardware assets and ensures the inventory is always current.

5. Control Access: Establish access controls to ensure only authorized personnel have access to the hardware inventory and only to the information they require. This helps prevent unauthorized access to the hardware inventory, mitigating potential security risks.

6. Conduct Regular Audits: Regularly audit the hardware inventory to ensure accuracy and that it is up to date. Any changes to the inventory should be documented for future reference. This helps identify any discrepancies and correct them quickly.

7. Install Threat Prevention Measures: Establish threat prevention measures, such as installing security software, monitoring for unauthorized changes, and training employees to recognize and report potential security threats. This helps prevent security breaches and mitigate potential security risks.

8. Create an Incident Response Plan: Develop an incident response plan that outlines how to respond to any security incidents related to hardware inventory. This helps respond quickly and efficiently to any security incidents and prevent potential data breaches.

*This article was written with the help of AI tools and Grammarly.

Best Practices for DHCP Logging

As an IT and security auditor, I have seen the importance of DHCP logging in, ensuring network security, and troubleshooting network issues. Here are the best practices for DHCP logging that every organization should follow:

 

1. Enable DHCP Logging: DHCP logging should be turned on to record every event that occurs in the DHCP server. The logs should include information such as the time of the event, the IP address assigned, and the client’s MAC address.

2. Store DHCP Logs Securely: DHCP logs are sensitive information that should be stored in a secure location. Access to the logs should be restricted to authorized personnel only.

3. Use a Centralized Logging Solution: To manage DHCP logs, organizations should use a centralized logging solution that can handle logs from multiple DHCP servers. This makes monitoring logs, analyzing data, and detecting potential security threats easier.

4. Regularly Review DHCP Logs: Regularly reviewing DHCP logs can help detect and prevent unauthorized activities on the network. IT and security auditors should review logs to identify suspicious behavior, such as unauthorized IP and MAC addresses.

5. Analyze DHCP Logs for Network Performance Issues: DHCP logs can also help identify network performance issues. By reviewing logs, IT teams can identify IP address conflicts, subnet mask issues, and other network performance problems.

6. Monitor DHCP Lease Expiration: DHCP lease expiration is vital to ensure IP addresses are not allotted to unauthorized devices. DHCP logs can help to monitor lease expiration and to deactivate the leases of non-authorized devices.

7. Implement Alerting: IT and security audit teams should implement alerting options to ensure network security. By setting up alert mechanisms, they can be notified of suspicious activities such as unauthorized devices connecting to the network or DHCP problems.

8. Maintain DHCP Logs Retention Policy: An effective DHCP logs retention policy should be defined to ensure logs are saved for an appropriate period. This policy will help to provide historical audit trails and to comply with data protection laws.

 

Following these DHCP logging best practices will help ensure the network’s security and stability while simplifying the troubleshooting of any network issues.

Seek Out and Remove End-Of-Life Components

Just a quick reminder, at some point during each quarter, it is a good idea to enact a process to seek out and remove any end-of-life products in your environment. This is not only a best practice but a significant risk reduction measure as well. Make it an ongoing periodic process, and you’ve got a powerful weapon against threats and emerging issues stemming from end-of-life hardware, firmware, and software in your networks.

How to Search for End-Of-Life Products In Your Environment

The first step is to identify the devices, applications, and firmware that are no longer supported by their vendors. You can do this manually or with a tool. The next step is to determine which of those devices have been deployed in your network. Once you know where they are, you need to find them. There are several ways to search for these devices:

Use Network Inventory Tools

Network inventory tools such as Nmap and Nessus will allow you to scan your entire network to locate all of the devices on your network. These tools will also tell you what operating systems and versions of software/firmware are running on the device. If you’re using a vendor-specific tool, you’ll be able to see if there are any known vulnerabilities associated with the product in many cases.

Talk to Device and Application Owners

If you don’t already have a relationship with the owners of the devices and applications, then you should start building one now. It’s important to get to know the people who own the devices and applications so that you can ask questions about how they use the devices and applications. You may even want to consider getting an end-of-life security policy together for the organization so that you can make sure everyone understands the risks of end-of-life components.

Once you have discussed the issues with the owner, remove the component if possible. Otherwise, add it to a list of components to look for workarounds or replacements. Many organizations that can’t manage to replace an end-of-life component either place it in a low trust network zone, front-end it with firewalls or ACLs, and increase monitoring and detection of the assets involved. Of course, the component should be reviewed quarterly until it can be removed from service.

Doing this process every quarter will increase your networks’ overall stability and trust worthiness, plus reduce risk and management headaches. It’s well worth your time and an effective part of an overall risk management strategy.

3 Common Challenges Implementing Multi-Factor Authentication

Multi-factor authentication is becoming increasingly popular among businesses and consumers alike.

However, many organizations struggle to implement the technology successfully.

Here are three challenges organizations face when implementing multi-factor authentication.

1. Lack of Awareness

Many organizations don’t understand what multi-factor authentication is or why they should use it.

They think it’s too complicated, expensive, or unnecessary.

This misconception leads to a lack of awareness about the security risks posed by weak passwords and phishing attacks.

2. Security Concerns

Some organizations believe that multi-factor authentication adds complexity and cost to their IT infrastructure.

But, in reality, multi-factor authentication doesn’t add much overhead.

Instead, it provides additional layers of protection against cyberattacks.

3. Complexity

Organizations sometimes find it difficult to integrate multi-factor authentication into their existing systems.

For example, they might have to replace old software or change user interfaces.

Some Potential Solution Ideas

If you’re struggling to implement multi-factor authentication, here are some tips to help you overcome these challenges.

1. Educate Employees About Multi-Factor Authentication

Educating employees about multi-factor authentication helps them understand its importance.

Make sure employees know that using multi-factor authentication reduces the likelihood of fraud and improves overall security.

2. Use Technology That Works For You

Multi-factor authentication tools are becoming more popular by the day. Many low-cost, or even free, solutions exist from vendors like Microsoft, DUOand others.

Look for solutions that have easy integration with your existing business infrastructure and systems.

3. Work With A Partner

A partner who has experience implementing multi-factor authentication can be helpful.

An experienced partner can provide guidance and support throughout the implementation process.

4. Make Sure The Solution Is Right For You

Before choosing a solution, make sure it meets your organization’s needs.

As always, if we can be of assistance, drop us a line to info@microsolved.com. We’d be happy to help!

SSL Certificate High-Level Best Practices

SSL certificates are an essential part of online security. They protect websites against hackers who try to steal information such as credit card numbers and passwords. In addition, they ensure that customers trust the site and its content.

Almost 50% of the top one million websites use HTTPS by default (they redirect inquiries of HTTP pages to URLs with HTTPS). (comodosslstore.com)As such, even pages that don’t deal with confidential data are being deployed using SSL. The underlying certificates to power the encryption are available from a variety of commercial providers, and even the pro-bono resource https://letsencrypt.org. No matter where you get your certificate from, here are a few resources for high-level best practices.

Trust Your Certificate Provider

Since certificates provide the basis for the cryptography for your site, their source is important. You can find a trustworthy list of providers for certificates here. https://www.techradar.com/news/best-ssl-certificate-provider. Beware of commercial providers not found on this list, as some of them may be sketchy at best, or dangerous at worst. Remember, the Let’s Encrypt project above is also highly trusted, even though they are not a commercial firm.

Manage Versions and Algorithms

Make sure you disable SSL and TLS 1.0 on the server. That version has known vulnerabilities. If possible, and there are no impacts on your users, consider removing 1.1 and 1.2 as well. 1.3 fixes a lot of the known issues with the protocol and supports only the known secure algorithms.

In cryptography, cipher suites play an important part in securing connections by enabling encryption at different levels. You shouldn’t be using an old version of a cryptographic protocol if there’s a newer one available; otherwise, you may put your site’s security at risk. Using secure cipher suites that support 128-bit (or more) encryption is crucial for securing sensitive client communications.

Diffie Hellman Key Exchange has been shown to be vulnerable when used for weaker keys; however, there is no known attack against stronger keys such as 2048-bits. Make sure you use the strongest settings possible for your server.

Manage and Maintain Certificate Expiration

As of Sept. 1, 2020, Apple’s Safari browser will no longer trust certificates with validity periods longer than 398 days, and other browsers are likely to follow suit. Reducing validity periods reduces the time period in which compromised or bogus certificates can be exploited. As such, any certificates using retired encryption algorithms or protocols will need to be replaced sooner. (searchsecurity.techtarget.com)

Maintain a spreadsheet or database of your certificate expiration dates for each relevant site. Make sure to check it frequently for expiring certificates to avoid user issues and browser error messages. Even better is to use an application or certificate management platform that alerts you in plenty of time to upcoming certificate expirations – thus, you can plan accordingly. Best of all, if possible, embrace tools and frameworks for automating certificate management and rotation – that makes sure that you are less likely to have expiration issues. Most popular web frameworks now have tools and plugins available to perform this for you.

Protect Your Certificates and Private Keys

Remember that your certificate is not only a basis for cryptography, but is also a source of identification and reputation. As such, you need to make sure that all certificates are stored properly, securely and in trusted locations. Make sure that web users can’t access the private certificate files, and that you have adequate back up and restore processes in place.

Make sure that you also protect the private keys used in certificate generation. Generate them offline, if possible, protect them with strong passwords and store them in a secure location. Generate a new private key for each certificate and each renewal cycle.

Revoke your certificate or keys as quickly as possible if you believe they have been compromised.

Following these best practices will go a long way to making your SSL certificate processes safer and more effective. Doing so protects your users, your reputation and your web sites. Make sure you check back with your certificate provider often, and follow any additional practices they suggest.

 

 

 

 

The Need for an Incident Recovery Policy (IRP)

Organizations have been preparing for information security issues for a number of years now and many, if not most, have embraced the need for an incident response policy and process. However, given the recent spate of breaches and compromises that we have analyzed and been involved in over the last year, we have seen an emerging need for organizations to now embrace a new kind of policy – a security incident RECOVERY policy.
 
This policy should extend from the incident response policy and create a decision framework, methodology and taxonomy for managing the aftermath of a security incident. Once the proverbial “fire has been put out”, how do we clean up the mess, recreate the records we lost, return to business as usual and analyze the impacts all of this had on our operations and long term bottom line? As a part of this process, we need to identify what was stolen, who the likely benefactors are, what conversion events have taken place or may occur in the future, how the losses impact our R&D, operational state, market position, etc. We also need to establish a good working model for communicating the fallout, identified issues, mitigations, insurance claims, discoveries and lessons learned to stakeholders, management, customers, business partners and shareholders – in addition to the insurance companies, regulators and law enforcement.
 
As you can imagine, this can be a very resource intensive process and since post-incident pressues are likely to remain high, stress levels can be approaching critical mass and politics can be rampant, having a decision framework and pre-developed methodology to work from can be a life saver. We suggest following the same policy development process, update timeframes and review/practice schedules as you do for your incident response policy.
 
If your organization would like assistance developing such a policy, or would like to work through a training exercise/practice session with an experienced team, please feel free to work with your account executive to schedule such an engagement. We also have policy templates, work sheets and other materials available to help with best practice-based approaches and policy creation/reviews.

Network Segmentation: A Best Practice We Should All be Using

It would be nice to be able to say that we are winning the war; that network security efforts are slowly getting the better of the bad guys. But I cant do that. Despite all the money being thrown at security tools and hosted services, the cyber-thugs are improving their game at a faster rate than we are. The ten worst known cyber security breaches of this century have all taken place since 2008, and 2013 and 2014 are notorious for their information security incidents.

I think there are a multitude of reasons for this state of affairs to exist. One is confusion, indecisiveness and slow reaction times among regulatory bodies and standards providers. Another is the check the boxcompliance mentality that exists both in government agencies and in the private sector. A third is simply the insane rate of innovation in the information technology realm. There are many more. But despite the reasons, one thing is clear: we have to stop rigidly complying with baseline standards and move into the more flexible and effective world of best practices. And today the best practice I want to touch on is network segmentation.

In our business we see a lot of computer networks that are just flat. There is little or no network segmentation and anyone on the inside can pretty much see everything. I cant begin to tell you how easy this kind of setup makes it for us during penetration testing success is virtually assured! And its amazing how even just basic network segmentation can slow us down or stop us all together.

A good reason to start with network segmentation is that you can go at in easy stages. Maybe you can begin by segmenting off a separate development or test network. Those are pretty basic and can give your networking team some valuable experience for more difficult efforts to come. Then you can ensure that user spaceis separated from server space. Doing just that much can have an amazing effect – it really helps to thwart successful cyber-attacks.

As the team gains confidence in their abilities, they can move onto the next step: real enclaving of the network. This is anything but a trivial effort, and it requires detailed knowledge of the various functions of the different business departments and how information moves into and out of each one of them (a task made very much easier if the company has a good business continuity program and business impact analysis in place). But in the long run these efforts will be well worth the trouble. It is very difficult indeed to gain access to or exfiltrate information from a well enclaved network especially from the Internet.

This blog post by John Davis.


Best Practices for DNS Security

I wanted to share with you a great FREE resource that I found on the Cisco web site that details a great deal of information about DNS and the best practices around securing it. While, obviously, the content is heavy on Cisco products and commands, the general information, overview and many of the ideas contained in the article are very useful for network and security admins getting used to the basics of DNS.

Additionally, there are great resources listed, including several free/open source tools that can be used to manage and monitor DNS servers. 

If you are interested in learning more about DNS or need a quick refresher, check this article out. 

You can find it here.

Several other resources are available around the web, but this seems to be one of the best summaries I have seen. As always, thanks for reading and let me know on Twitter (@lbhuston) if you have other favorite resources that you would like to share.

Guest Post: More on BYOD

As the world of computers, mobile devices, and technology in general, continue to exponentially evolve, so too must our need and desire to secure our communications, our data, and to that end our privacy. There is hardly a day that goes by anymore that we don’t hear of some major security breach of a large corporation, but this also directly impacts the individual. We have to make a concerted effort to protect our information – particularly on our mobile devices. Our mobile devices are inherently difficult to secure because they send their data over WiFi, which is susceptible to man-in-the middle attacks. We must pursue the security of our data on our mobile devices passionately. People nowadays carry so much private and more importantly valuable information on them that we just absolutely have to protect it. Particularly in this age of BYOD (bring your own device) to work. An even more difficult realm for the infosecurity folks trying to protect their networks. How does one protect a device on a network from malicious intent? How does one keep viruses, Trojans and worms off of the networks when everyone seems to be plugged in to their devices? This article intends to describe some steps that one can take to protect their mobile device both locally by encrypting the mobile device itself and also by utilizing apps that help to secure their email and telemobile device conversations from malevolence.  

 

As noted on the previous article on State of Security released on June 17, 2014, Brent recently discussed 3 tips for BYOD, which were to get these devices off of the production networks, teach people about mobile device security, and finally use what you already have to your advantage when it comes to your own architecture when developing BYOD policies and processes.

 

There are numerous steps that the IT folks can take to help secure their networks in this age of BYOD as mentioned in our previous article, but there are also some very simple and usefultips that we can all follow that will help us in protecting our mobile devices too.

 

Every company should have policies in place regarding the use and misuse of BYOD devices. This must include encryption of the data and remote wiping of the data if the device is lost or stolen, (such as Find my iMobile device, Android Lost, Mobile Security, and Autowipe,). Assuming the BYOD device is under the company’s control.  If not then as  mentioned in the previous article getting these devices off of the production network is a must. Every  company should at least require authentication and hopefully two-factor authentication of the device.  This would allow the organization some degree of control when it comes to resetting passwords, locking the device when it’s not in use, logging, etc. If it’s not, then asking employees to adhere and sign a code of conduct with regard to their device is a must, as well as periodic employee education. A quick Google search will reveal apps that can help with two-factor authentication too. Such as RSA Secure Alternative, SMS passcode, and Duosecurity.

 

The next step is to encrypt the mobile device itself upon ending your session. Thereby protecting your information from even the apps that you currently having running on the mobile device itself. All apps go through an approval process where they are tested, validated and checked for security, but there have been times where an app passed through such a process and still contained malicious code that sent back stolen personal information to the attacker. This is a particular issue in the Android market. Companies such as Cryptanium and Arxan offer integrity protection, jailbreak detection, anti-debug detection and reverse engineering protection. So if a attacker does manage to get ahold of your device it makes it much more tamper resistant. 

 

Apps that offer encrypted communication such as voice, video, text and/or file transfers are also a consideration. Silent Circle, Redmobile device and Whisper Systems offer such encrypted communication for a fee. Wickr and Cryptocat do this too, but are free. If you are just interested in encrypted text messages (SMS) then perhaps Babel, Whisper, or Akario is for you.

 

In today’s mobile device market there are a plethora of apps many of which do what they describe when it comes to helping to protect our information. Yet as with anything else if there is a will, there is a way, this is particularly true for those that mean to steal our information. If they have a desire to acquire your information they will make a concerted effort to try to extract it from your device. It is up to us to make it as difficult as possible for them to ever get it. For now there does’t seem to be a lot of apps that actually encrypt all of your information locally to the mobile device. Or if it does offer some degree of encryption then it does so over a potentially vulnerable, networked platform. In short there is no single magic bullet that will encrypt all of your mobile devices data and communications for free, but there are some out there for a fee will offer to do so. The other issue that arises is if you use said company do they have access to the information that you were trying to protect in the first place. What’s to keep a rogue employee from accessing your data? All of this can make your head spin. The moral of the story is to make good choices, use your common sense and don’t put anything on a mobile device that you aren’t willing to share with others. Be safe out there.

 

About Preston:

Preston Kershner is new to the info-security family, where he has a variety of lateral interests in topics such as cybersecurity, information security, incident handling and response, computer forensics and malware analysis. Preston has been in the medical field for over 20 years and is currently transitioning into the infosec community. When not being an information junkie, Preston enoys spending time with his family. He also enjoys learning everything he can about astrobiology (the search for exoplanets that have a potential to habour life). You can follow Preston as he continues to expand his knowledge and experience in these realms at http://www.linkedin.com/pub/preston-kershner/3a/493/965/ & follow him on Twitter (@redman7373).

 

About Brent:

Brent Huston is the Security Evangelist and CEO of MicroSolved, Inc. He spends a LOT of time breaking things, including the tools/techniques and actors of crime. When he is not focusing his energies on chaos & entropy, he sets his mind to the order side of the universe where he helps organizations create better security processes, policies and technologies. He is a well recognized author, surfer, inventor, sailor, trickster, entrepreneur and international speaker. He has spent the last 20+ years dedicated to information security on a global scale. He likes honeypots, obscure vulnerabilities, a touch of code & a wealth of data. He also does a lot of things that start with the letter “s”. You can learn more about his professional background here: http://www.linkedin.com/in/lbhuston & follow him on Twitter (@lbhuston).

 

Disclaimer:

It should be noted that some of the apps are free, some apps are cloud-based, some are open source and some are at a cost to the consumer. In no way do we endorse the applications in this article.