About Mary Rose Maguire

Mary Rose Maguire was the Marketing Communication Specialist for MicroSolved, Inc. and the content curator for the State of Security blog, MSI's website, and social media.

MicroSolved, Inc. Receives U.S. Patent For HoneyPoint Defensive Fuzzing InfoSec Tool

MicroSolved, Inc. is pleased to announce that they have received a U.S. Patent (8,196,204 B2) on June 5, 2012, on technology components of their product HoneyPoint Security Server. This technology, known as “defensive fuzzing,” and the improvement mechanisms associated with it are a core component of creating self-defending implementations with HoneyPoint. 

The defensive fuzzing mechanism allows a computer network’s HoneyPoints to listen for an incoming connection from an attacker, and then disrupt that connection by tampering with the expected responses — in essence “fuzzing” the conversation. In many cases, this can confuse or crash the attacker’s tools or malware, limiting their capability to perform further attacks or damage.

The patent also covers a quality improvement technique for HoneyPoint technology. As the defensive fuzzing occurs, HoneyPoint tracks how successful it was with a given fuzzing technique. It has the ability to share that knowledge among various HoneyPoints so that as the system gets better with defensive fuzzing, the entire distributed system gets better at protecting the user’s environment.

This feature of MSI’s HoneyPoint detection system takes a passive defense and turns it into an active defense that can protect itself without human intervention.

“At MSI, we are truly committed to helping organizations protect their information assets, and we see this patent on defensive fuzzing as the next logical extension in helping organizations achieve high levels of protection with lower levels of resource requirements,” said Brent Huston, CEO and Founder of MicroSolved, Inc. “We are truly dedicated to extending even further in the future, the capability for organizations to defend their intellectual property.”

For more information about HoneyPoint, please visit our HoneyPoint webpage. To learn more about MicroSolved, Inc., visit wwww.microsolved.com.

 

Audio Blog Post: Spear Phishing

Brent Huston, CEO and Founder of MicroSolved, Inc., discusses with Chris Lay, Account Executive, the new trends with spear phishing. In this audio blog post, you’ll learn:

  • How traditional spear phishing has changed
  • The new approach attackers are now using
  • The LinkedIn password breach and how it could be used in phishing attacks
  • Some non-traditional spear phishing campaigns

Grab a drink and take a listen. As always, let us know what you think!

Click here to listen.

How Honeypots Can Help Safeguard Your Information Systems

 

 

 

 

 

 

 

A honeypot is a trap set to detect or deflect attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information that would be of value to attackers.

It is important to note that honeypots are not a solution in themselves. They are a tool. How much they can help you depends upon what you are trying to achieve.

There are two different types of honeypots: production and research. Production honeypots are typically used by companies and corporations. They’re easy to use and capture only limited information.

Research honeypots are more complex. They capture extensive information, and used primarily by research, military, or government organizations.

The purpose of a production honeypot is to mitigate risk to an organization. It’s part of the larger security strategy to detect threats. The purpose of a research honeypot is to collect data on the blackhat community. They are used to gather the general threats against an organization, enabling the organization to strategize their response and protect their data.

The value of honeypots lies in their simplicity. It’s technology that is intended to be compromised. There is little or no production traffic going to or from the device. This means that any time a connection is sent to the honeypot, it is most likely to be a probe, scan, or even attack. Any time a connection is initiated from the honeypot, this most likely means the honeypot was compromised. As we say about our HoneyPoint Security Server, any traffic going to or from the honeypot is, by definition, suspicious at best, malicious at worst. Now, this is not always the case. Mistakes do happen, such as an incorrect DNS entry or someone from accounting inputting the wrong IP address. But in general, most honeypot traffic represents unauthorized activity. What are the advantages to using honeypots?

  1. Honeypots collect very little data. What they do collect is normally of high value. This eliminates the noise, making it much easier to collect and archive data. One of the greatest problems in security is sifting through gigabytes of useless data to find something meaningful. Honeypots can give users the exact information they need in a quick and easy to understand format.
     
  2. Many security tools can drown in bandwidth usage or activity. NIDs (Network Intrusion Detection devices) may not be able to handle network activity, and important data can fall through the cracks. Centralized log servers may not be able to collect all the system logs, potentially dropping logs. The beauty of honeypots is that they only capture that which comes to them.

Many of our clients swear by our HoneyPoint family of products to help save resources. With its advantages, it’s easy to see why! Leveraging the power of honeypots is an excellent way to safeguard your data.

 

How HoneyPoint Security Server Minimizes Risk For Your Network

If you’re looking for a security tool that goes beyond NIDS, you’re in luck.

MicroSolved’s HoneyPoint Security Server has revolutionized the ease and power of what honeypots can do and be. With the emergence of HoneyPoint Wasp, you can also apply the HoneyPoint magic to your Windows desktops. 

HoneyPoint Wasp monitors your desktops for any new applications it has not seen before (Anomaly Detection). Should Wasp detect new code, the end-user will never see a pop-up alert. Instead, you will be notified and able to quickly take action. Should the notification go without follow-up action, HoneyPoint Wasp assumes the allowed application, and no future notification will be sent to the console (Self-Tuning White Listing).

As you’ll see in a moment, the HoneyPoint Security Server is much more than a mere intrusion detection system.. It’s an underlying framework of rock-solid code that’s been built to achieve three important goals: identify real threats, isolate and tamper with the attacker’s results, and “smart” detection processes that allow you to target attacker availability.

Let’s take a look at each of these goals, and why they matter to what you’re doing online…

Click to continue…

MicroSolved, Inc. Receives Prestigious BBB Center for Character Ethics Torch Award

MicroSolved, Inc. is honored to announce that they are the recipient of the prestigious 2012 BBB Center for Character Ethics 18th annual Torch Awards for EthicalEnterprising℠. 

The recipients will be honored at the Torch Award Centennial Gala Luncheon, held at the Hyatt Regency Ballroom in downtown Columbus on September 6, 2012.

Five businesses and one non-profit organization have been selected as recipients of the prestigious 2012 Torch Award.

Founded in 1994, the national award-winning “educate & recognize” program is the premier public recognition of organizations that intentionally pursue the six TRUST! Principles of EthicalEnterprising. The award embodies the BBB Center’s mission of advancing marketplace trust.

A panel of judges selected these organizations based on the six EthicalEnterprising criteria and demonstrated a high level of trust among their employees, customers and their communities. 

“We are deeply honored to be selected for this award,” said Brent Huston, CEO and Founder of MicroSolved, Inc. “We have always worked hard to build and maintain relationships of trust with our customers. Our employees also realize that trust is a vital part of our company ethos and they work together to strengthen it each day. The Torch Award helps encourage ethical business practices. We’re quite humbled to stand beside other organizations who also value the same commitment to best practices and benchmarks.”

MicroSolved, Inc. has been providing information security services to Fortune 500 companies, government, financial institutions, and education systems for twenty years.

To learn more about MicroSolved, Inc., visit wwww.microsolved.com.

 

Brent Huston Receives ISSA Senior Award

MicroSolved, Inc. is pleased to announce that Brent Huston, CEO and Founder of MicroSolved, Inc., received ISSA’s International Senior Member Award, presented at the 5th Annual Central Ohio ISSA InfoSec Summit in Columbus, Ohio. Mr. Huston is the first member of the Central Ohio Chapter to receive this award.

The International Senior Member Award is given to those who have contributed to the security community and sustained membership in the association. Mr Huston has been an ISSA member for 7 years and has twenty years of work experience in the information security field. Huston has spoken at many ISSA chapter meetings and also is a popular presenter at regional ISSA conferences.

“My mission is to continue to evangelize and help organizations go beyond protecting their confidential data from attacks, to actively detecting attacks so they can take action quickly and minimize their risk,” said Huston. “I’m fortunate to work with great people and we’re all committed to the same goal: to keep data safe.”

MicroSolved, Inc. has been providing information security services to Fortune 500 companies, government, financial institutions, and education systems for twenty years.

To learn more about MicroSolved, Inc., visit www.microsolved.com.

Audio Blog Post: Twitter Favorites

We’re kicking off the week by talking about some of our favorite feeds on Twitter!

Brent Huston, CEO and Security Evangelist for Microsolved, Inc., interviews Chris Lay, Account Executive and Mary Rose Maguire, Marketing Communication Specialist, about their favorite kinds of tweets. 

We like Twitter to keep up with other security professionals to discover what’s trending. It’s a great way to exchange quick information and alert others when a security issue arises. Plus, our #HITME stream through our MSI HoneyPoint Feed Twitter account has already helped other organizations by alerting them to suspicious activity caught on various ports.

If you’d like to follow the MSI crew, here we are:

Here are a few of our favorites we mentioned:

Click Here To Listen To The Audio Blog Post!

 

 

Hooray! An Open-Source Password Analyzer Tool!

 

 

 

 

 

 

 

I’m one of the resident “Password Hawks” in our office. Our techs consistently tell people to create stronger passwords because it is still one of the most common ways a hacker is able to infiltrate a network.

However, we live in an age where it’s not just hackers who are trying to steal an organization’s data. There are also a variety of malcontents who simply want to hack into someone’s account in order to embarrass them, confirm something negative about them, or be a nuisance by sending spam.

This is why it is important to create a strong password; one that will not be easily cracked.

Enter password analyzer tools. Sophos’ “Naked Security” blog posted a great article today about the often misleading security policies of popular online social sites. Developer Cameron Morris discovered that if he followed one social site’s policy, he actually created a more easily “crackable” password than the one they deemed weak.

About three years ago, developer Cameron Morris had a personal epiphany about passwords, he recently told ZDNet’s John Fontana: The time it takes to crack a password is the only true measure of its worth.

Read the rest of the article here.

There is a free analyzer you can use and I strongly suggest you test the strength of your passwords with it.

Passfault Analyzer

Also, Morris created a tool for administrators that would allow them to configure a password policy based on the time to crack, the possible technology that an attacker might be using (from an everyday computer on up to a $180,000 password attacker), and the password protection technology in use (from Microsoft Windows System security on up to 100,000 rounds of the cryptographic hash function SHA-1/).

OWASP Password Creation Slide-Tool

This is one of the best articles I’ve read on password security, plus it has tools for both the end-user and the administrator. Test them out yourself to see if you have a password that can resist a hacker! 

As for me, I think I need to do a little more strengthening…

Have a great Memorial Day weekend (for our U.S. readers) and stay safe out there!

Audio Blog Post: Moving Toward Detection in Depth

Brent Huston, CEO and Security Evangelist for MicroSolved, Inc., explains how organizations need to move from a focus on prevention to detection.

Joined by MSI’s Account Executive Chris Lay and Marketing Communication Specialist Mary Rose Maguire, Brent maps out how an organization can get detective controls closer to the data and shows that IT departments can have a “payoff” if they pursue nuanced detection.

Click here to listen to the audio post!

13 Tips to Secure Your Virtual Machine Environment

Virtual environments are becoming more popular, providing advantages such as enabling multiple OS environments to co-exist and providing disaster recovery solutions.

Virtual machines easily tests scenarios, consolidate servers, and can move disk files and some configuration files between physical machines.

Safeguarding your virtual server environment is vital, even though it doesn’t have the same issues as a physical environment. Here are a few tips to keep things running smoothly:

  1. Install only what you need on the host machine. Keep your OS and applications current for both virtual and host machines.
     
  2. Isolate each virtual machine you have by installing a firewall. Only allow approved protocols to be deployed.
     
  3. Ensure that antivirus programs are installed on the virtual machines and kept current with updates. Virtual machines, like physical machines are at risk for viruses and worms.
     
  4. Utilize strong encryption between the host and virtual machines.
     
  5. Avoid internet surfing from the host computer. Spyware and malware could easily infiltrate through the the host computer and spread to the virtual machines.
     
  6. Prevent unauthorized access by securing accounts on the host machine.
     
  7. Only use what you need. If you’re not utilizing a virtual machine, shut it down.
     
  8. If a virtual machine does not need to connect with each other, isolate it. Use a separate network card on a different network range.
     
  9. Monitor the event log and security events on both the host machine and on the virtual machine. These logs need to be stored in your log vault for security and for auditing purposes at a later date.
     
  10. Ensure that any hardware you use is designed for VM usage.
     
  11. Strictly manage remote access to virtual machines and especially to the host machine, this will make exposure less likely.
     
  12. Remember, the host machine represents a single point of failure. Technologies like replication and continuity help with reducing this risk.
     
  13. Avoid sharing IP addresses. Again this is typical of sharing a resource and will attract problems and vulnerabilities.

Using these tips will help you make the most of your physical and virtual environments so if anything interrupts your business, you are prepared.

Are You Attending the 2012 Central Ohio InfoSec Summit?

 

We’re excited to be a part of this year’s 5th Annual 2012 Central Ohio InfoSec Summit! Each year it keeps getting better and better, and this year is no different.

MicroSolved’s CEO and founder, Brent Huston will be presenting “Detection in Depth: Changing the PDR Focus.” Phil Grimes will also present “Attacking Mobile Devices” in the Advanced Technical Track.

There are other great speakers lined up. Included are:

  • Bill Hagestad, author of 21st Century Chinese Cyber Warfare
  • Jay Jacobs, a Principal with Verizon’s RISK Intelligence team, will focus on cyber crime
  • Curtis Levinson, who has served two sitting Presidents of the United States, two Chairman of the Joint Chiefs of Staff and the Chief Justice of the United States, who will be presenting on a balanced approach for survivability and sustainability in the cyber realm

There are more great speakers, plus over thirty vendors who help businesses stay secure. We hope to see you at the event! It promises to be a great time re-connecting with old friends, making new connections, and learning new approaches toward a proactive information security strategy.

See you there!