Chris talks about MicroSolved, Inc. and shares his excitement about our ability to help companies create a threat-centric information security strategy.
Welcome, Chris!
Meet Our New Information Security Account Exec: Chris Lay
Reply
Author Archives: Mary Rose Maguire
Friday Fun: Audio Blog Surprise Interviews
Brent interviews two unsuspecting MSI staff who share a few surprising facts. One is associated with a diminutive musical instrument and the other with a state-champion sports team. Take a listen!
Surprise Interview
Follow us on Twitter!
MicroSolved’s Strategies & Tactics Talk: #3 APT: Less Advanced Than You May Think
So how “advanced” is APT?
Listen in as our tech team discusses various aspects of APT such as:
- How it has been portrayed.
- Why it often isn’t an advanced threat
- Where do they originate?
- What can companies do about APT?
Panelists:
Brent Huston, CEO and Security Evangelist, MicroSolved, Inc.
Adam Hostetler, Network Engineer and Security Analyst
Phil Grimes, Security Analyst
Mary Rose Maguire, Moderator, Marketing Communication Specialist, MicroSolved, Inc.
Click the embedded player to listen. Or click this link to access downloads. Stay safe!
Audio Blog: Brent Huston – HoneyPoint Security Server Manifesto Part Two
We continue our interview with Brent Huston as he answers a few questions about HoneyPoint Security Server, and HoneyPoint Agents.
In this installment, you’ll learn:
- What HoneyPoint Agent is and its role in the suite
- How information techs are using HoneyPoint
- How can people use Agent with DNS and blacklisting, and why it’s significant
- What HoneyPoint Decoy is and how it is utilized in an environment
- The three different “flavors” of HoneyPoint Decoy
MSI HoneyPoint Featured on Virtualization Security Podcast
Brent Huston, CEO and Security Evangelist of MicroSolved, Inc., was recently a guest for the popular podcast, “Virtualization Security Podcast.”
Brent talked about HoneyPoint Wasp and discussed with other panelists how honeypot technology can help an organization detect real attacks and also the legal ramifications of stealth monitoring.
The Virtualization Practice also featured HoneyPoint in their recent post, “New Virtualization Security Products Available.”
The podcast panelists include;
- Edward L. Haletky, Author of VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment and virtualization security analyst, as Moderator.
- Michael Berman, CTO of Catbird Security
- Iben Rodriguez, Independent Virtualization and Security Consultant and Maintainer of the ESX Hardening Guidance from CISecurity
Click on the player below to listen. To listen on iTunes or download the MP3, go here. Enjoy!
Introducing: MicroSolved’s Strategies & Tactics Talks!
We’re adding a new feature to our blog: MicroSolved’s Strategies & Tactics Talks!
Every other week, we’ll focus on some of the hottest security issues that are trending, with insights and advice regarding the good, the bad, and the ugly. Make sure to tune in or save the mp3 to your folder so you can download it to your favorite player.
Our first episode: Sony’s Security Woes
Brent Huston sat down with MicroSolved, Inc.’s security team to discuss what Sony did right with their batch of security breaches. Click the embedded player to listen. Or click this link to access downloads. Stay safe!
Audio Blog: Brent Huston – HoneyPoint Security Server Manifesto
Brent Huston answers a few questions about HoneyPoint Security Server, how it began, what is happening with it today, and the creative ways other techs are using it. Click the link to listen or right-click to download it.
Calling Central Ohio CIOs, CTOs, and IT Warriors: InfoSec Summit Next Week!
We’re getting excited about the upcoming Central Ohio InfoSec Summit, held at the Hyatt Regency in Columbus next week on Thursday, May 12 and Friday, May 13.
Our CEO, Brent Huston will be speaking and also Phil Grimes, Security Analyst.
I’ll be floating around, helping Constance Matthews, our Account Executive, with registration and other fun activities, which you’ll learn about during Brent’s presentation, so don’t miss out!
If you’re not registered yet, here’s the link. Each year this summit gets better and better. The speakers are top notch, and incredibly generous with their expertise. And the food is fabulous, as well as the reception Thursday evening.
We hope to see you there!
All Your Creds Are Belong To Us? How To Harden Your Passwords and Protect Your ‘Base.’
In an article published some time ago, a project led by a computer science professor at Columbia University had done some preliminary scanning of some of the largest Internet Service Providers (ISPs) in North America, Europe, and Asia and uncovered thousands of embedded devices susceptible to attack, thanks to default credentials and remote administration panels being available to the Internet.
This is amazing to us here at MSI. It is astounding that such a number of people (and possibly organizations) who don’t take into account the security implications of not changing these credentials on outward facing devices, exists! This goes beyond patching systems and having strong password policies. It’s highly unlikely you’re developing strong passwords internally if you’re not even changing what attackers know is true externally.
The fact that these devices are available is quite scary. It becomes trivial for an attacker to take over control of what is likely the only gateway in a residential network. The average user has little need to access these devices on a regular basis, so hardening the password and recording it on paper or even using a password vault like TrueCrypt is a good option for reducing the threat level. More importantly, how many home users need outside access to their gateway?
This all goes back to the common theme of being an easy target. If you let attackers see you as the low hanging fruit, you’re just asking to become a statistic. This is the digital equivalent to walking down a dangerous street at night with your head down, shoulders slumped, avoiding eye contact, and having hundred dollar bills popping out of your pockets! We can’t make it easy for them. It’s important that we make them think twice about attacking us- and simple things like changing default passwords or patching our machines (automatic updates, anyone?) allow us to take advantage of that 80% result with only 20% effort!
Martin McKeay Interview: Verizon Data Breach Investigations Report
I just listened to Martin McKeay’s interview with Alex Hutton and Chris Porter on the latest Verizon Data Breach Investigations Report.
It’s a good interview, with Hutton and Porter both outlining how the report compared with last year’s and what surprised them. Here’s a link to the report.
Check out the podcast, which is about 30 minutes in length. And if you can figure out what the “secret code” is on the report’s cover, let us know. We like mysteries!