This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.

Top 3 Reasons to Give Insiders a Unified Identity

The following is external content provided as a free resource for blog readers.





Read now for an inside look at how a unified identity can:

  • Reduce the risk of audit failures, insider threats, and other security breaches.

  • Lower TCO through a simplified and standardized approach to managing identity-related risks.

  • Securely support next-generation IT and business initiatives.







Windows Least Privilege Management and Beyond

The following is external content provided as a free resource for blog readers.





This white paper examines the security, compliance and efficiency issues surrounding least privilege management for Windows servers, and explains where native Windows tools fall short. It then describes how Centrify's DirectAuthorize component for Windows eliminates the problem of too many users having broad and unmanaged administrative powers by delivering secure delegation of privileged access and granularly enforcing who can perform what administrative functions.




How Global Financial Firms Can Effectively Address Technology Risk Guidelines

The following is external content provided as a free resource for blog readers.





The MAS guidelines for Internet Banking and Technology Risk Management (TRM), issued in June 2013, identify security and risk management issues in a comprehensive manner, covering everything from identity assurance and access controls to accountability and audit. This white paper details how products from Centrify—a leading provider of Unified Identity Services across data center, cloud, and mobile—address critical portions of the security controls and risk management requirements defined in the MAS TRM Guidelines.




The Forrester Wave: Privileged Identity Management, Q1 2014

The following is external content provided as a free resource for blog readers.





In this special report, Forrester researched, analyzed, and scored privileged identity management vendors: BalaBit, BeyondTrust, CA Technologies, Centrify, CyberArk, Dell, Hitachi ID, Lieberman Software. Download now to see who came out on top!




Identity and Access Management in the Cloud Era

The following is external content provided as a free resource for blog readers.





The explosion of mobile devices, fragmented network access and multiple operating systems makes identity management a big challenge. Although there are already a number of IAM products on the market today, each has its own limitations that could put an organization's systems at risk. Centrify, through its wide range of identity and access management products, is uniquely positioned to provide firms a variety of simple through to advanced identity management solutions – making fully integrated security management possible across all platforms and all devices. And because Centrify also leverages the cloud for its IAM solution, companies can take advantage of the benefits of the cloud – cost effectiveness and efficiency without the heavy upfront costs of on-premises implementations.




Improving Mobile Device Security and Management with Active Directory

The following is external content provided as a free resource for blog readers.





As more and more workers bring personal devices to work for increased productivity and mobile access, organizations must quickly respond to the security and compliance risks posed by largely unmanaged access to corporate information. Enterprises can expect to see tablet sales alone increase by 250% in 2012, primarily iPads, which users are connecting to corporate email and other network services at unprecedented rates. To address these trends, IT organizations need to deploy comprehensive and cost-effective solutions that secure and manage all the devices that are part of the ‘consumerization of IT’ trend of iOS and Android smartphones and tablets.




Smart Mobility Platform for Retailers

The following is external content provided as a free resource for blog readers.





Using mobile technology can increase in-store traffic, loyalty, and sales. Read this paper to learn more about smart mobility platforms for retailers that improve the in-store customer experience and operations, all while complying with Payment Card Industry (PCI) regulations.




Holistic Security Architecture Designed to Fight Emerging Cyber Attacks

The following is external content provided as a free resource for blog readers.





A holistic security architecture - Attack Mitigation Network (AMN) - addresses these emerging security challenges offering the widest attack coverage and shortest time to mitigate. Download this white paper NOW to learn how to:

  • Maintain business continuity even when under attack

  • Interface with emerging security applications

  • Protect against all types of availability-based threats

  • Reduce operational costs and save on enterprise infrastructure expenses







Protecting Critical DNS Infrastructure Against Attack

The following is external content provided as a free resource for blog readers.





This paper outlines the recent DDoS attacks on DNS services and challenges of mitigating those attacks.



Learn how:

  • DNS DDoS attacks take advantage of weaknesses in the DNS protocol

  • Attackers launch a high bandwidth sophisticated attack on their victim

  • Attackers use amplification effect


Securing DNS services requires rethinking perimeter security, with dedicated tools to identify and mitigate this new breed of attacks on DNS services.



DOWNLOAD NOW to stop DNS DDoS Attacks!




Securing Your Business Against SSL-Based DDoS Attacks

The following is external content provided as a free resource for blog readers.





This white paper details the main challenges that encrypted SSL based DDoS attacks present:

  • Attack impact is higher than clear text attacks

  • Current DoS mitigation technologies don't inspect SSL traffic

  • Anti-DoS scrubbing centers are not mitigating SSL based attacks

  • “In the cloud” anti-DoS managed services don't protect against SSL attacks

  • Floods directed to HTTPS pages


DOWNLOAD this white paper NOW and learn how to fully protect your online business and IT infrastructure against SSL-based DDoS attacks.




Mitigating the DDoS Threat

The following is external content provided as a free resource for blog readers.





This white paper covers:

  • Likelihood of attacks for different industries

  • Top business concerns of DoS/DDoS attacks

  • 2013 notable attack vectors and landscape

  • DoS/DDoS protection best practices







Introducing the Stay Safe Online Campaign

Today I started working on a new project - the Stay Safe Online Campaign!

The target of this campaign is home users, especially those who might not have a secure computing environment at home.

I've started by creating two flyers which anyone can freely copy and distribute.

Please check them out, and distribute them to others!

Stay Safe Online Checklist Handout

FREE PC Security Resources Handout

Space Weather Outlook May 25, 2014 at 10:15PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center
Boulder, Colorado, USA

SPACE WEATHER ADVISORY OUTLOOK #14-21
2014 May 25 at 8:03 p.m. MDT (2014 May 26 0203 UTC)

**** SPACE WEATHER OUTLOOK ****

Summary For May 19-25

An R1 (minor) radio blackout occurred on 24 May. A G1 (minor) geomagnetic storm occurred on 23 May.

Outlook For May 26-June 1

There is a chance for R1 (minor) or greater radio blackouts during the forecast period. S1 (minor) or greater solar radiation storms are not expected. G1 (minor) or greater geomagnetic storms are not expected in the absence of significant transient features.

Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site.

Know the Big Three

The following is external content provided as a free resource for blog readers.





It's been a remarkable and rapid transformation, and ease of use and flexibility have outpaced security. This paper will tell you how to prevent sensitive data leakage over insecure channels or stolen devices.




The Essentials of Information Security Kit: Includes a Free PC Security Handbook - 2nd Edition eBook

The following is external content provided as a free resource for blog readers.





The Essentials of Information Security brings together the latest in information, coverage of important developments, and expert commentary to help with your Information Security related decisions.



The following kit contents will help you get the most out of your Information Security research:

  • PC Security Handbook - 2nd Edition

  • Ensure Business Continuity with Vision Solutions in Combination with IBM Systems and Storage

  • Adapting Security to the Cloud

  • SSL 101: A Guide to Fundamental Website Security







Securing Microsoft Exchange 2010

The following is external content provided as a free resource for blog readers.





However, as with Microsoft Exchange Server 2007, Exchange 2010 requires SSL certificates to ensure the security of all connections to the email server. This guide from Thawte is designed to take the guesswork out of implementing SSL for Exchange 2010, making it easier than ever to get the SSL certificate you need for a successful and secure Exchange implementation, and to take advantage of powerful capabilities such as Subject Alternative Names (SANs).




Securing your Apache Web Server with a Thawte Digital Certificate

The following is external content provided as a free resource for blog readers.





We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure.




Server-Gated Cryptography: Providing Better Security for More Users

The following is external content provided as a free resource for blog readers.





This guide will help you to understand how SGC-enabled SSL certificates work and why they are different from other certificates, why the technology was first introduced in the late 90s, and why this technology remains as relevant today as it was back then.




The Bot Threat

The following is external content provided as a free resource for blog readers.





Download this white paper and learn how bots work and how, by adopting the right strategy, you can use a defense-in-depth strategy to effectively prevent direct attacks against your critical systems.




Building A Better Network Security Strategy

The following is external content provided as a free resource for blog readers.





A comprehensive network security solution needs to include a number of factors, including network reliability, resources for managing the network, network features and functions, and full integration. This Slashdot Pulse offers insight into IT professionals who currently manage network security, giving readers a glimpse into real-world security plans and tactics.




8 Ways To Better Monitor Network Security Threats in the Age of BYOD

The following is external content provided as a free resource for blog readers.





While many work from the office, most access corporate networks and data from a variety of locations, including home offices, airports, hotels, and wide area networks, often using any or all of the aforementioned devices. Identifying and managing network security risks in this environment is a non-stop, 24/7 challenge for even the most seasoned IT security professionals.



This SlashGuide offers unique insight and analysis into how network security professionals can better identify, manage, and contain the leading network security risk factors that arise from a mobile, always-on workforce. This paper arms IT security professionals with the information they need to better manage and mitigate these network security risks, giving them actionable tips they can put into practice today.




Mapping Security for Your Virtual Environment

The following is external content provided as a free resource for blog readers.





With the growing popularity of virtualization in enterprise data centers, you need a virtual security solution that allows you to confidently adopt virtualization throughout your data center without compromising on your existing security postures. Read this solution brief to learn more.




Next Generation Enterprise Network Security Solutions: The Importance of Incorporating Vulnerability Intelligence

The following is external content provided as a free resource for blog readers.





HP TippingPoint Next-Generation Intrusion Prevention System (NGIPS) and Next-Generation Firewall (NGFW) combine technology that focuses on the root problems common to multiple threats with the latest vulnerability intelligence provided by HP Security Research and supported by more than 3,000 external security researchers. This enables them to block new threats that escape detection by traditional threat pattern recognition with minimal impact on network performance.




2013 Cyber Risk Report Executive Summary

The following is external content provided as a free resource for blog readers.





The summary concludes that security is about an integrated, systematic approach that includes both protective and reactive measures. Read it to learn:

  • What are the major trends in software vulnerabilities?

  • How prevalent is mobile malware?

  • What are the most common problems found in mobile apps?

  • How vulnerable are Java applications?

  • What is the danger of misconfigured systems?







Security Considerations When Undergoing a Network Refresh

The following is external content provided as a free resource for blog readers.





Network demands will only increase as we move to the “internet of things” adding sensors and instrumentation of all types to the list of security burdens.



As a result, many organizations are planning network refreshes to ensure bandwidth for current and future needs will be available. But new networking protocols and hardware can bring new attack surfaces for both internal and external threats, and organizations must consider new security measures, from intrusion prevention systems to next-generation firewalls to ensure network upgrades don't leave them at higher risk.



This SlashGuide looks at the most important factors IT should keep top of mind as they plan their move to 802.11ac, higher bandwidth wired infrastructure or upgrading to switches and routers with enhanced capabilities.




Hacking a Space Probe For Science! The @ISEE3Reboot Project

This is the fourth article in my series on Space Security.

Today NASA announced that it signed an agreement which will legally allow the ISEE-3 Reboot Project to contact, and literally "hack" the ISEE-3/ICE probe in order to redirect it into a new orbit for future scientific studies.

ISEE-3 was originally launched in 1978 to study space weather.

In 1982, it was redirected to a new orbit, and was used to study several comets, including Halley's Comet.

The probe was supposed to be powered down in the late 1990's, but in 2008 it was discovered that the probe was still functional, and would most likely still work on its return orbit to Earth, 31 years after it departed from its original orbit.

However, there was a problem; NASA no longer has the equipment needed to communicate with the probe. In fact, the hardware no longer exists.

As a result, a small group of engineers put together a crowdfunding campaign to redirect the probe into a stable orbit under the ISEE-3 Reboot Project, and resume its original mission of studying space weather.

So far, one of the biggest challenges faced by the project is that the team must take the entire set of commands understood by the probe (which were originally generated by hardware), and recreate them using software defined radio.

In order to take over this probe, the team is relying on documentation provided by former engineers of the ISEE-3 project, and hopefully documentation which can be acquired through the Space Act Agreement which NASA signed today.

For those interested, here is a publicly released document with the technical details of the ISEE-3 probe, including communications frequencies.  However, unless you have an antenna the size of the Arecibo Observatory, don't expect to be able to take over this probe yourself.  In other words, don't try this at home kids.

ISEE-3/ICE Telecommunications Summary


Also, the team has put together a YouTube video for your viewing pleasure.


Big Security for Big Data

The following is external content provided as a free resource for blog readers.





The first step is to establish complete visibility so that you can monitor your data and those who access it. Next, you need to understand the context, so that you can focus on assets that are critical to your business. Finally, you need to utilize the intelligence gathered so that you can harden your attack surface and stop attacks before data is exfiltrated. This white paper will give you the information you need to get started.




Securing Your IT Infrastructure with SOC/NOC Collaboration

The following is external content provided as a free resource for blog readers.





It can help you seamlessly integrate log management into your IT operations strategy, create collaboration between your SOC and NOC that empowers your organization to effectively manage your IT infrastructure while simultaneously ensuring its security.




Security for a Faster World

The following is external content provided as a free resource for blog readers.





This eBook presents a maturity model that will help you determine how secure you really are, explores five questions every CIO should be able to answer, and outlines a new approach based on intelligence gathering and research that can keep you ahead of the cybercriminals.




2013 Cost of Cyber Crime Study: Global Report

The following is external content provided as a free resource for blog readers.





And the average number of attacks per company grew 20% to 73 successful attacks annually. With the incidence and cost of cyber crime rising sharply, this study of 234 companies in six countries details the types of cyber attacks found to be most common and the losses resulting from each type of attack. There's good news, though. Companies with robust security governance practices reduced annual losses by $800,000. And those implementing security intelligence systems drove down costs by an average of $2M and achieved 21% ROI on those systems.




Top 5 Truths About Big Data Hype and Security Intelligence

The following is external content provided as a free resource for blog readers.





But BDSA is a specialized application of Big Data. This study shows how BDSA is different:

  • There's more to BDSA than just “big.”

  • BDSA requires real-time processing of security data.

  • BDSA requires more than just Big Data technology.







10 Ways to Build a Better Big Data Security Strategy - IT Manager's Journal

The following is external content provided as a free resource for blog readers.





Collecting vast amounts of data from disparate sources—including the cloud—exposes the enterprise to new threats and creates vast new stores of data you must protect. But you can apply Big Data techniques for finding insight in mountains of data to find security threats as well.




SANS Security Analytics Survey

The following is external content provided as a free resource for blog readers.





This SANS Analyst survey asked 647 security and network professionals what advanced threats they experience, what tools and methods they use to detect them, and how effective those tools have been. Their conclusion: today's enterprises need a new approach based on Big Data security analytics and a new generation of SIEM solution. Read the full report to learn why.




Protecting Your Mid-Size Business from Today's Security Threats

The following is external content provided as a free resource for blog readers.





If you were one of millions of customers who used a credit or debit card at Target between Thanksgiving and Dec. 19, 2013, you're well aware that your card number and even your PIN are likely for sale on some dark corner of the Internet. The incident garnered extensive media coverage because of the size of the breach, the timing, and the fact that hackers managed to gain access to Target's point-of-sale system itself and steal sensitive data.




The Importance of Reputation

The following is external content provided as a free resource for blog readers.





This white paper explains:

  • How reputation data makes security more proactive

  • How to evaluate reputation security services

  • How HP ArcSight Security Information and Event Management (SIEM) applies reputation data to prevent exfiltration of data from infected internal machines to sites with bad reputations


Read this white paper now for more details.




IT Security: Midsize Businesses Face Enterprise-Caliber Threats

The following is external content provided as a free resource for blog readers.





This information brief uses survey data to examine the security posture of midsize companies. Read it to learn:

  • How respondents view their security defenses

  • How many experience security breaches

  • Why midsize companies need effective security information management

  • The four important insights about midsize company security







Targeted Malware Attacks Against USPS Customers Using Location in Malware Filename

A friend contacted me today with an interesting piece of malware he received in his inbox: a "delivery notification" stating that USPS couldn't make a delivery, and asking the recipient to download and print out the attached label to claim the package.

Screenshot of original email

What makes this malware interesting is that it is clearly targeted, in that the malware sender knows the city of the email recipient.  In this case, the malware was named USPS_Label_Hagerstown.zip.

Space Weather Outlook May 18, 2014 at 09:37PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center
Boulder, Colorado, USA

SPACE WEATHER ADVISORY OUTLOOK #14-20
2014 May 18 at 7:26 p.m. MDT (2014 May 19 0126 UTC)

**** SPACE WEATHER OUTLOOK ****

Summary For May 12-18

No space weather storms were observed during the week.

Outlook For May 19-25

There is a chance for R1 (minor) or greater radio blackouts during the forecast period. S1 (minor) or greater solar radiation storms are not expected. G1 (minor) or greater geomagnetic storms are not expected in the absence of significant transient features.

Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov

Authentic8 joins secure browser wars by revisiting the thin client -- with a dash of SSO (451 Research Impact Report)

The following is external content provided as a free resource for blog readers.






As Web and cloud-based applications become more pervasive, the poor old Web browser is tasked with shouldering burdens it was never intended to bear. With browsers increasingly functioning as the primary interface to a wide spectrum of applications, they are exposed to an equally broad threat landscape – phishing attempts, man-in-the-middle attacks, client-side exploits, network-level snooping, DNS hacks and waterhole attacks, to name a few. While there are various methods of dealing with many of these threats, Authentic8 has come to market with a unique combination of sandbox-based secure browsing and single sign-on (SSO) that attempts to address many browser-related threats within a single offering.







Top 3 Myths about Big Data Security : Debunking Common Misconceptions about Big Data Security

The following is external content provided as a free resource for blog readers.





How are they protecting that data? This eBook addresses three myths of big data security.




Space Weather Outlook May 11, 2014 at 10:52PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center
Boulder, Colorado, USA

SPACE WEATHER ADVISORY OUTLOOK #14-19
2014 May 11 at 8:40 p.m. MDT (2014 May 12 0240 UTC)

**** SPACE WEATHER OUTLOOK ****

Summary For May 5-11

Category R1 (Minor) radio blackouts were observed on 06 and 07 May due to flare activity from active sunspot Region 2051. Category R2 (Moderate) radio blackouts were observed on 08 May due to flare activity from active sunspot Region 2056.

Outlook For May 12-18

A chance for R1-R2 (Minor-Moderate) radio blackouts exists throughout the period due mainly to potential flare activity from active sunspot Region 2056.

Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov

Follow me on Vole!

I've started playing with a Peer to Peer social network called "Vole".

What is Vole?

Vole is a web application for sharing words, pictures and videos with others. Data is distributed peer-to-peer using BitTorrent Sync.

In order to get started, you'll need to follow the instructions on the Vole GitHub.

If you're interested in following me, here is my read-only key:

BK7LQRXK32HWIUXISYCL76FEWW5LAZLVJ

Refreshing, Resetting, and Restoring: A Guide to Recovery Options in Windows

The following is external content provided as a free resource for blog readers.





Refresh and reset are powerful additions to the arsenal of recovery tools found in Windows 8. Resetting reverts a machine back to a base image of the initial installation; refreshing a machine is a little less drastic in that it keeps some applications, and more importantly, keeps all user data safe while still fully cleansing a PC of many troublesome issues.




10 Network Security Tools and Tests Everyone Should Use

The following is external content provided as a free resource for blog readers.





Whether you are operating a home system, overseeing a small startup, or performing security governance for an enterprise, everyone can benefit from paying attention to security. This paper provides a list of 10 security tools or tests that will help you check out suspicious issues and keep ahead of new risks and threats.




2014 Internet Security Threat Report

The following is external content provided as a free resource for blog readers.





In 2013 much attention was focused on cyber-espionage, threats to privacy and the acts of malicious insiders. However the end of 2013 provided a painful reminder that cybercrime remains prevalent and that damaging threats from cybercriminals continue to loom over businesses and consumers. Eight breaches in 2013 each exposed greater than 10 million identities, targeted attacks increased and end-user attitudes towards social media and mobile devices resulted in wild scams and laid a foundation for major problems for end-users and businesses as these devices come to dominate our lives. This year's ISTR once again covers the wide-ranging threat landscape, with data collected and analyzed by Symantec's security experts.




Attacks on Point of Sales Systems

The following is external content provided as a free resource for blog readers.





Despite improvements in card security technologies and the requirements of the Payment Card Industry Data Security Standard (PCI DSS), there are still gaps in the security of POS systems. This coupled with more general security weaknesses in corporate IT infrastructure means that retailers find themselves exposed to increasingly resourceful and organized cybercriminal gangs.




Space Weather Outlook May 04, 2014 at 10:49PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center
Boulder, Colorado, USA

SPACE WEATHER ADVISORY OUTLOOK #14-18
2014 May 4 at 8:37 p.m. MDT (2014 May 5 0237 UTC)

**** SPACE WEATHER OUTLOOK ****

Summary For April 28-May 4

No space weather storms were observed during the period.

Outlook For May 5-11

A chance for R1-R2 (Minor-Moderate) solar radiation storms are possible due to active solar regions.

Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov

XP Systems Will Receive Emergency Patch for IE Zero-Day

Great news for everyone out there who hasn't upgraded from XP. Despite the fact that Windows XP is end of life, Microsoft will be releasing an emergency patch for the general public for the IE zero-day vulnerability which was recently announced.

While this is simply delaying the inevitable, XP users will be protected from the vulnerability, for the time being.

Read more over at Slashdot.