Touchdown Task for August – Change Management Audit

This month, we urge all infosec teams to engage in a quick 30 minute audit of your change management processes.

Here are some quick win questions to ask of the change management team:

  • How often does the change management team meet & what is the time frame for turning around a change order?
  • What percentage of actual changes to the environment went through the change process in the last 12 months?
  • Where can we locate the documents that specifically describe the change management process and when were they last revised?
  • Please describe how exceptions to the change management process are handled.
  • How are changes to the environment audited against what was provided to the change management team?
  • What happens if a change is identified that did NOT go through the change management process?

There are plenty of online guidance sources for additional questions and audit processes, but these quick wins will get you started. As always, thanks for reading and keep working on your monthly touchdown tasks. Be sure to touch base with us on Twitter (@microsolved) should you have any questions about the work plans.

Do You Browse From a Virtual Machine?

Configure 256

This article brings to mind an interesting trend we see going on among our financial and highly regulated clients – using a virtual machine for all Internet browsing. Several of our clients have begun using this technique in testing and small production groups. Often they are using ChromeOS images with VirtualBox or some other dedicated browser appliance and a light VM manager. 

Have you or your organization considered, tried or implemented this yet? Give us a shout on Twitter (@lbhuston, @microsolved) and let us know your thoughts. Thanks for reading!

Three Security People You Should Be Following on Twitter

Network 256

There are a lot of security people on Twitter. There are a lot of people people on Twitter. That said, finding great people to follow on Twitter is often a difficult task, especially around something as noisy as Information Security.

That said, I wanted to take a quick moment and post three people I think you should be following on Twitter in the Infosec space and might not be.

Here they are, in no particular order:

@sempf – A great person (and a personal friend), his posts rock the mic with content ranging from locksport (lock picking as a sport/hobby), deep coding tips, application security and even parenting advice. It’s fun! 

@abedra – Deep knowledge, deep code advice (ask him about Clojure…we’ll wait…). The inventor of RepSheet and whole bunch of other cool tools. His day gig is pretty fun and he is widely known for embracing the idea of tampering with attackers and their expectations. Check him out for a unique view. Do remind him to change hats occasionally, he often forgets… 🙂

@NocturnalCM – Hidden deep in the brain of the person behind this account is an incredible wealth of knowledge about cellular infrastructures, mobile code, security, devops and whole lot more. Don’t let the “Code Monkey” name fool you, there’s a LOT of grey matter behind the keyboard. If nothing else, the occasional humor, comic strips and geek culture references make them a worthwhile follow!

So, there you go. 3 amazing people to follow on Twitter. PS – they also know some stuff about infosec. Of course, you can always follow me (@lbhuston) and our team (@microsolved) on Twitter as well. As always, thanks for reading and get back to keeping the inter-tubes safe for all mankind!

Are You Using STIX?

In the last several weeks, we have been working on a new iteration of our threat intelligence offering for some of our clients. In many of the cases, we expected to hear that folks have embraced the STIX project from MITRE as the basis for sharing such data.

Sadly, however, many customers don’t seem to be aware of the STIX project. As such, can you please take a moment and review it, via the link and then let us know via email, Twitter of comments if you or your chosen security products currently support it?

Thanks for your help and insight! As always, we appreciate the feedback. 

Email: info <at> microsolved [dot] com

Twitter: @microsolved or @lbhuston

Thanks again!

Interested in What We Do? Join MSI Now!

We are thrilled to announce the immediate availability for a new position at MSI. Yes, if you have what it takes, you can join our team! We are seeking a very talented, motivated individual who can come aboard and help us with tasks related to HoneyPoint and TigerTrax. The new position is detailed below. The successful candidate will be local to the Central Ohio area (must be able to be work from the Columbus HQ) and will be motivated, engaging and capable of self-directed work. Primarily, the position will be focused on helping clients with scoping and installation of HoneyPoint and performing TigerTrax engagements.

Future career options for the position would be a choice between pursuing a future position on the technical security team (including pen-testing, etc.) or to grow into the deeper intelligence/research team that currently is embodied by TigerTrax. While the initial position will expose you to both, together, we can help scope where your interests and talents lie. Management and team leadership are also possible in either career path, as well.

This is a full time salary position, with benefits and a wide range of flexible working arrangements once the proper skills and trust are built. It also includes profit sharing, 401K with match and a variety of other benefit packages.

Successful candidates will present a resume, cover letter and a sample of their professional writing. You can apply for the position by emailing these items (PDF format) to info <at> microsolved <dot> com. No calls or placement/recruiters, please.

Further details of the position:

The information technology analyst is a key member of the MicroSolved, Inc. team who specializes in our software and research tool set. This team member must be: 

  • proficient with research skills
  • knowledgeable of social media networks and formats
  • knowledgeable of basic networking skills
  • proficient with Windows, Mac OS/X and Linux at the command line
  • proficient with command line scripting (shell/Python) and be a power-user of the Internet 

The successful analyst should be detail oriented, enjoy reading, solving logic and language puzzles and be proficient with technical writing and technical reports. Occasional travel, including internationally, is required. 

This team member is responsible for research projects beginning with data generation through report preparation and delivery to the client. This team member is also responsible for the scoping and deployment of MicroSolved, Inc’s threat detection platform – HoneyPoint Security Server (HPSS). 

As always, thanks for reading, and I hope to see you on the team very soon!