A few years back, I was presenting my three-year Information and Cyber Security Program. To my surprise, not all Information Technology (IT) executives understood Information Security (INFOSEC), much less Cyber Security (CYBERSEC). What are the possible relations between these two fields of security? What is INFOSEC? Let’s find out the definition from widely accepted international […]
While the DNS exploit CVE-2015-7547 was discovered a week ago, the code containing the flaw has been in use since May 2008. CVE-2015-7547 works by allowing arbitrary code to execute on any system …
Source: The Skinny on CVE-2015-7547
Are you building an incident response system? Does it include tools that allow for attack investigation and recovery? Earlier this year I wrote a three-part series on constructing a Cyber Incident Response Plan and outlined two ways Scrutinizer can be an important part of this endeavor. After reading the latest BBC article on how website-crippling cyber-attacks are to rise in 2016, I figured that I would talk a bit more on how our Flow Analytic intelligence can assist with attack investigation and recovery.
Every day we see more and more stories about security breaches across the globe. With so many new cyber security threats coming out, the need for traffic analysis and a strong Cyber Incident Response plan has never been so high. In part one and part two of this series, we demonstrated that by combining NetFlow/IPFIX technology with Scrutinizer you are getting 100% network visibility. Here in part three of this series, we are going to talk about the importance of adding Scrutinizer’s Flow Analytics Intelligence into your cyber incident response plan to detect network traffic anomalies.
In my previous blog, I talked about the value of having a cyber incident response plan. An important factor in a plan like this is having complete visibility into the traffic that is coming across your network. As I mentioned in my previous post, using flow technologies like NetFlow and IPFIX is an effective way of providing this type of visibility. The truth is that when an incident occurs, having that level of detail is absolutely required, but what about the other 90% of your network monitoring time? How can you monitor for specific events?
The value of your cyber incident response plan becomes stronger as various global incidents unfold. Just today, I was going through my news feeds and came across a post titled “Cybersecurity: Defending ‘unpreventable’ cyber attacks” by Paul Rubens from BBC News, and one word stood out: “Vigilance”.