
Forensicating Docker with ELK

by Stefan Winkel

Docker has made an immense impact on how software is developed and deployed in today’s information technology environments. The quick and broad adoption of Docker as part of the DevOps movement has not come without cost. The introduction of vulnerabilities in the development cycle has increased many times. While efforts like Docker Notary and Security Testing as a Service are trying to catch up and mitigate some of these risks, Docker Container Escapes through Linux kernel exploits like the recent widespread Dirty COW privilege escalation exploit in late 2016 can be disastrous in a cloud and other production environments. Organizations find themselves more in need of forensicating Docker setups as part of incident investigations. Centralized event logging of Docker containers is becoming crucial in successful incident response. This paper explores how to use the Elastic stack (Elasticsearch, Logstash, and Kibana) as part of incident investigations of Docker images. It will describe the effectiveness of ELK as a result of a forensic investigation of a Docker Container Escape through the use of Dirty COW.

Ethics of Hacking

by Michelle Sellers

This paper will explore the ethics of hacking. There are two main types of hacking, ethical hacking and unethical hacking. For the purposes of this paper I will attempt to explain the differences between the two and argue my viewpoints on the topic. I will support my arguments with valuable resources, and explain how the typical ethical theories pertain to this topic. I will follow with ways to prevent being a victim of the crime of hacking.

Sensitive Data at Risk: The SANS 2017 Data Protection Survey

by Barbara Filkins

Ransomware, insider threat, and denial of service are considered the top threats to sensitive data by respondents to the 2017 SANS Data Protection Survey. User credentials and privileged accounts represented the most common data types involved in these breaches reported in the survey, spotlighting the fact that access data is prized by attackers. The experiences of respondents with compromised data provide valuable lessons for security professionals.

A Lightbulb Worm?

by Colin O’Flynn

This whitepaper is designed to show some details of the Philips Hue system. It is not designed to demonstrate any specific attack, but instead a chance to “poke around” to see what security features are present. It is designed to serve as a reference for those designing similar systems, to give an idea what attack surfaces might be exploited.

Deploying VoIP in the Enterprise

by Extreme Networks

Data networks are becoming increasingly viable for supporting telephony and the advantages of converged networks are continuing to make themselves apparent. A successful IP Telephony deployment is assisted by an awareness of where you are going. This comes from considering all of the elements required to deploy and maintain a converged, Voice-over-IP capable network. These elements are discussed in this white paper, along with guidelines for setting up a pilot project and for forming an incremental rollout of IP Telephony.

The Business Benefits of VoIP

by CenturyLink Advanced Technology Solutions (ATS) Team

As with any IT project, budget is a consideration factor. You have to decide between continuing to spend capital and resources to maintain your current voice TDM architecture or considering another course. With challenge comes opportunity. TDM’s impending sunset presents an opportunity to organize, unify and standardize your network, as these forward-thinking enhancements will prepare your company for the future. This white paper analyzes why a move from TDM to a Voice over IP (VoIP) is a beneficial solution for your enterprise.

Next-Gen Protection for the Endpoint: SANS Review of Carbon Black Cb Defense

by Jerry Shenk

In today’s threat landscape, organizations wanting to shore up their defenses need endpoint tools that not only detect, alert and prevent malware and malware-less attacks, but also provide defenders a road map of the systems and pathways attackers took advantage of. Our review shows that Carbon Black’s Cb Defense does all this and more with a high degree of intelligence and analytics. Utilizing a cloud-based delivery system, it makes informed decisions on subtle user and system behaviors that we wouldn’t otherwise see with traditional antivirus tools. Importantly, it saved us time: Manual correlation and false positives are among the top 10 time-consuming tasks IT professionals hate, according to a recent article in Dark Reading. Rather than toggling between separate security systems, traffic logs and so on, we used a single cloud interface (through drill-down and pivot) to determine whether a threat was a false positive or real.

Obfuscation and Polymorphism in Interpreted Code

by Kristopher L. Russo

Malware research has operated primarily in a reactive state to date but will need to become more proactive to bring malware time to detection rates down to acceptable levels. Challenging researchers to begin creating their own code that defeats traditional malware detection will help bring about this change. This paper demonstrates a sample code framework that is easily and dynamically expanded on. It shows that it is possible for malware researchers to proactively mock up new threats and analyze them to test and improve malware mitigation systems. The code sample documented within demonstrates that modern malware mitigation systems are not robust enough to prevent even the most basic of threats. A significant amount of difficult to detect malware that is in circulation today is evidence of this deficiency. This paper is designed to demonstrate how malware researchers can approach this problem in a way that partners researchers with vendors in a way that follows code development from ideation through design to implementation and ultimately on to identification and mitigation.

Moving Toward Better Security Testing of Software for Financial Services

by Steve Kosten

The financial services industry (FSI) maintains high-value assets and typically operates in a very complex environment. Applications of all types–web applications, mobile applications, internal web services and so forth–are being developed quickly in response to market pressures by developers with limited security training and with relatively immature processes to support secure application development. This combination presents a juicy target for attackers, and data shows that the FSI continues to be a top target. Attempts to introduce security into the application life cycle frequently face challenges such as a lack of available application security expertise, concerns about costs for tooling, and a fear among product owners that security processes might impede the development cycle and slow their response to market conditions. This paper explores why the applications are being targeted, what is motivating the attackers and what some inhibitors of application security are. Most important, this paper specifies some best practices for developing a secure development life cycle to safeguard applications in the FSI.

Using Cloud Deployment to Jump-Start Application Security

by Adam Shostack

The cloud has significantly changed corporate application development. Now that releases come every few days rather than once or twice a year, AppSec is now squeezed into tiny windows of time. The speed, repetitiveness and changes in responsibility associated with these changes make it hard for traditional approaches to work. What are the choices and best practices for security within AppSec? How can you leverage the cloud to work for you? Attend this webcast and be among the first to receive access to the associated whitepaper developed by Adam Shostack.