CSO Online Interview

Posted on August 14, 2012 by Brent Huston

Our founder & CEO, Brent Huston (@lbhuston) just had a quick interview with CSO Online about the Gauss malware. Look for discussions with Brent later today or tomorrow on the CSO site. Our thanks to CSO Online for thinking of us!

Update 1: The article has been posted on CSO Online and you can find it here.

Brent would also like to point out that doing the basics of information security, and doing them well, will help reduce some of the stomach churning, hand wringing and knee-jerk reactions to hyped up threats like these. “Applying the MSI 80/20 Rule of InfoSec throughout your organization will really give folks better results than trying to manage a constant flow of patches, updates. hot fixes and signature tuning.” Huston said.

MicroSolved, Inc. Receives U.S. Patent For HoneyPoint Defensive Fuzzing InfoSec Tool

Posted on June 20, 2012 by Mary Rose Maguire

MicroSolved, Inc. is pleased to announce that they have received a U.S. Patent (8,196,204 B2) on June 5, 2012, on technology components of their product HoneyPoint Security Server. This technology, known as “defensive fuzzing,” and the improvement mechanisms associated with it are a core component of creating self-defending implementations with HoneyPoint.

The defensive fuzzing mechanism allows a computer network’s HoneyPoints to listen for an incoming connection from an attacker, and then disrupt that connection by tampering with the expected responses — in essence “fuzzing” the conversation. In many cases, this can confuse or crash the attacker’s tools or malware, limiting their capability to perform further attacks or damage.

The patent also covers a quality improvement technique for HoneyPoint technology. As the defensive fuzzing occurs, HoneyPoint tracks how successful it was with a given fuzzing technique. It has the ability to share that knowledge among various HoneyPoints so that as the system gets better with defensive fuzzing, the entire distributed system gets better at protecting the user’s environment.

This feature of MSI’s HoneyPoint detection system takes a passive defense and turns it into an active defense that can protect itself without human intervention.

“At MSI, we are truly committed to helping organizations protect their information assets, and we see this patent on defensive fuzzing as the next logical extension in helping organizations achieve high levels of protection with lower levels of resource requirements,” said Brent Huston, CEO and Founder of MicroSolved, Inc. “We are truly dedicated to extending even further in the future, the capability for organizations to defend their intellectual property.”

For more information about HoneyPoint, please visit our HoneyPoint webpage. To learn more about MicroSolved, Inc., visit wwww.microsolved.com.

MicroSolved, Inc. Receives Prestigious BBB Center for Character Ethics Torch Award

Posted on June 11, 2012 by Mary Rose Maguire

MicroSolved, Inc. is honored to announce that they are the recipient of the prestigious 2012 BBB Center for Character Ethics 18th annual Torch Awards for EthicalEnterprising℠.

The recipients will be honored at the Torch Award Centennial Gala Luncheon, held at the Hyatt Regency Ballroom in downtown Columbus on September 6, 2012.

Five businesses and one non-profit organization have been selected as recipients of the prestigious 2012 Torch Award.

Founded in 1994, the national award-winning “educate & recognize” program is the premier public recognition of organizations that intentionally pursue the six TRUST! Principles of EthicalEnterprising. The award embodies the BBB Center’s mission of advancing marketplace trust.

A panel of judges selected these organizations based on the six EthicalEnterprising criteria and demonstrated a high level of trust among their employees, customers and their communities.

“We are deeply honored to be selected for this award,” said Brent Huston, CEO and Founder of MicroSolved, Inc. “We have always worked hard to build and maintain relationships of trust with our customers. Our employees also realize that trust is a vital part of our company ethos and they work together to strengthen it each day. The Torch Award helps encourage ethical business practices. We’re quite humbled to stand beside other organizations who also value the same commitment to best practices and benchmarks.”

MicroSolved, Inc. has been providing information security services to Fortune 500 companies, government, financial institutions, and education systems for twenty years.

To learn more about MicroSolved, Inc., visit wwww.microsolved.com.

Brent Huston Receives ISSA Senior Award

Posted on June 8, 2012 by Mary Rose Maguire

MicroSolved, Inc. is pleased to announce that Brent Huston, CEO and Founder of MicroSolved, Inc., received ISSA’s International Senior Member Award, presented at the 5th Annual Central Ohio ISSA InfoSec Summit in Columbus, Ohio. Mr. Huston is the first member of the Central Ohio Chapter to receive this award.

The International Senior Member Award is given to those who have contributed to the security community and sustained membership in the association. Mr Huston has been an ISSA member for 7 years and has twenty years of work experience in the information security field. Huston has spoken at many ISSA chapter meetings and also is a popular presenter at regional ISSA conferences.

“My mission is to continue to evangelize and help organizations go beyond protecting their confidential data from attacks, to actively detecting attacks so they can take action quickly and minimize their risk,” said Huston. “I’m fortunate to work with great people and we’re all committed to the same goal: to keep data safe.”

MicroSolved, Inc. has been providing information security services to Fortune 500 companies, government, financial institutions, and education systems for twenty years.

To learn more about MicroSolved, Inc., visit www.microsolved.com.

Are You Attending the 2012 Central Ohio InfoSec Summit?

Posted on May 16, 2012 by Mary Rose Maguire

We’re excited to be a part of this year’s 5th Annual 2012 Central Ohio InfoSec Summit! Each year it keeps getting better and better, and this year is no different.

MicroSolved’s CEO and founder, Brent Huston will be presenting “Detection in Depth: Changing the PDR Focus.” Phil Grimes will also present “Attacking Mobile Devices” in the Advanced Technical Track.

There are other great speakers lined up. Included are:

Bill Hagestad, author of 21st Century Chinese Cyber Warfare
Jay Jacobs, a Principal with Verizon’s RISK Intelligence team, will focus on cyber crime
Curtis Levinson, who has served two sitting Presidents of the United States, two Chairman of the Joint Chiefs of Staff and the Chief Justice of the United States, who will be presenting on a balanced approach for survivability and sustainability in the cyber realm

There are more great speakers, plus over thirty vendors who help businesses stay secure. We hope to see you at the event! It promises to be a great time re-connecting with old friends, making new connections, and learning new approaches toward a proactive information security strategy.

See you there!

Are You Attending the 2012 ISSA Central Ohio InfoSec Summit?

Posted on April 25, 2012 by Brent Huston

If you are in the midwest and can make it to Columbus for the ISSA Summit this year, you owe it to yourself to do so. Great speakers, great content, an amazing location and some of the best folks from around the world, for two days focused on infosec. It’s been amazing the past several years. You can find info online about it here.

Some of the things I am looking forward to are getting to hear more from Richard Clarke (I might not always agree with his view, but he is an excellent speaker and a very good man.), and the rest of the speakers. In fact, there is not a speaker on the docket that I don’t think is amazing. We have developer insights, business folks, techno geeks, hackers, auditors and even a few MSI folks.

So, if you can come to town and be here May 17th and 18th, do so. If not, you’ll miss out on what is sure to be an amazing event.

Special thanks to the Columbus ISSA team for putting the event together. These folks work really hard to pull it off, and the volunteers on the day of the event go above and beyond to make it all happen. Please take a moment at the event and give them a pat on the back. If something would happen to go wrong, or could be done better, drop them a line in email and they will look at improving it next year. Thank them, in person, for all of the things that go right. Seriously, it helps. Even better, volunteer for the Summit and help them and the community out. It’s a great way to give back for all that the community does for all of us, all year long.

Thanks for reading and we’ll see you at the Summit!

Presentations Given at Midwest Energy Association Summit

Posted on April 12, 2012 by Mary Rose Maguire

On April 11, 2012, both Phil Grimes and Brent Huston were honored to present on the ICS/SCADA security topics at the Spring Gas Operations Summit in Indianapolis held by the Midwest Energy Association (MEA).

Phil covered the process of scoping security assessments for ICS/SCADA deployments and spent a lot of time with the crowd analyzing various scenarios for how to pick an assessment partner, how often to perform vulnerability assessments, how to closely control and properly use penetration testing and a variety of other topics specific to the crowd’s concerns.

Brent followed that presentation with a talk focused on honeypots in ICS/SCADA. He covered the history of honeypots in ICS deployments, the NIST guidance for honeypots (“canaries”) and the relevant locations and approaches to gathering attack data with them. The crowd also asked great questions about how to use the data from the systems, how to work together to leverage honeypot data as an industry and how to manage data anonymity for detected events.

Further discussions followed, with the MSI team sitting in the crowd as a round table, which went really well. They had excellent conversations about the state of the threat, the reliance on public infrastructures, cellular communication threats, network enclaving, detection techniques and the safety of Internet exposed HMIs.

MSI would like to thank MEA for allowing us to come in and engage with their attendees. It was a very interesting show and we think everyone learned a lot about where ICS/SCADA security is going in the next 1-3 years.

MSI Announces The Ohio SCADA Security Symposium

Posted on October 13, 2011 by Mary Rose Maguire

The need for the latest information about SCADA/ICS is extended to Ohio businesses and utility companies and supports security for Ohio. We’d like to invite all Ohio SCADA/ICS professionals to attend this free event!

The Ohio SCADA Security Symposium, to be held on November 1, 2011 in Columbus, Ohio, is designed to serve as a level set for teams and organizations who are actively managing production SCADA and Industrial Control System (ICS) environments in Ohio.

A full one day session will include best practices advice, incident response, detection techniques and a current threat briefing focused on SCADA/ICS providers. Presenters will cover a variety of topics about what is working and what is not, in terms of information security, network protection and trust management.

Takeaways from this event will include peer networking, insights into emerging threats, action items for actively improving the availability, integrity and confidentiality of control systems, utility networks, manufacturing lines and other SCADA/ICS concerns.

Topics include: How the State Is Here to Help You, Physical Security, Assessment of SCADA/ICS Environments, Cyber Security, Honey Pots in SCADA/ICS Environments, and The FBI Viewpoint. Key participation will feature NiSource, American Electric Power, American Municipal Power, Greater Cincinnati Water Works, Ohio PUCO, the Department of Homeland Security, and the FBI.

The event runs from 8:30 AM to 6:00 PM. Registration opens at 8:00 AM and is free. Those who work with SCADA/ICS are invited to attend. RSVP’s can be sent to mmaguire@microsolved.com. Please include your contact information. Seating is limited and available ONLY to those individuals actively working in Ohio with SCADA/ICS components.

MSI looks forward to providing an excellent event that will help organizations secure their SCADA/ICS systems and discuss best practices and industry standards at the event!

MicroSolved Winner of First Americas Information Security Leadership Award

Posted on September 23, 2011 by Mary Rose Maguire

We’re thrilled to announce that MSI has received an award from (ISC)2, the world’s largest information security professional body and administrators of the CISSP®!

MicroSolved, Inc. has worked hard over the years to provide information security awareness to our community. We’ve been involved in everything from volunteering at local community colleges for security events to providing insights and advice to WordPress. Quite simply, MSI wants to make the world’s data safer.

Congratulations to Brent Huston, Founder, CEO, and Security Evangelist of MSI for his commitment and vision. At MSI, we will continue our mission toward bringing security awareness wherever we can. View the press release here.

MSI :: State of Security

Insight from the Information Security Experts

Category Archives: Announcements