Combat Advanced Cyber Attacks With Shared Security Intelligence

(Originally published in Cyber Defense Magazine, Black Hat special edition)


In this information age, even the mightiest of enterprises and governments across the globe are worried about cyber-attacks. Not a single day passes without a story about a hack, a compromise or an identity theft involving data related to a large number of users. Cyber security is becoming increasingly complex, and cyber-attacks have truly emerged as a global crisis.

An analysis of some of the recent high profile breaches reveals that the threat landscape is rapidly evolving into a more dangerous ground with highly targeted attacks and advanced persistent threats (APTs) leading the way.


IT Security and Auditing Framework – A Glass Half Full or Half Empty?


Log Management, Compliance Reporting and SIEM

Corporate islands with no connectivity to the external world and/or employees seeking permission to share company critical information with an outsider are not options that ensure protection from information theft. Not a day goes by without a security breach or espionage attempt in the media. It doesn’t matter whether it’s an internal or external hack caused by a deliberate or inadvertent action. The IT guy is made accountable for the security gaps and is asked to revisit the policies to ensure that such incidents don’t recur.

We can all say thanks to the built-in logging mechanism in devices, systems and applications, which helps track e…

ManageEngine’s EventLog Analyzer Advances the Cloud with ActiveState Stackato


The cloud, once known as the future of IT, is now part of modern IT infrastructure. With the growing acceptance of BYOD and employees soliciting critical business-service access on the move, the cloud is ideally suited to balancing these current market trends. It helps IT organizations be cost effective and deliver better IT services.

If you’re currently evaluating or have already implemented a cloud infrastructure in your business, you know it can be a tricky project with a lot of unanswered questions. This is especially true if statutory compliance acts such as PCI DSS, FISMA, HIPAA, and/or SOX govern your company. You need to consider a sound information security plan to detect abnormal access to …

ManageEngine EventLog Analyzer Secures Gold Award


We are excited to announce that ManageEngine EventLog Analyzer recently took home the Gold Award from Deb Shinder, MVP (Enterprise Security) reviewed the product before bestowing this award.

We want to thank for giving us an opportunity to have our product thoroughly reviewed by Shinder, a seasoned security professional. Thank you Deb for setting aside some time to evaluate EventLog Analyzer.

“The vendor (ManageEngine) actually cares about what the IT pros using their solution want and need,” Shinder said. “This solution manages to be extremely full featured without being complicated. Despite a couple of moments of confusion as I got acquain…

PCI DSS 3.0: Shifting focus on daily review of ‘security-relevant’ logs to identify suspicious activities [Part-3]


Ever since the release of the PCI DSS version 3.0 change highlights by the PCI Security Standards Council (PCI SSC), stakeholders of the payment card industry and security analysts have been busy interpreting the proposed regulations. While many of the sections explained in the change highlights document require clarity, one thing was crystal clear – v3.0 expects the stakeholders to focus their log-review efforts on ‘identifying suspicious activity’ and not merely on collecting logs religiously and performing a generic review.


Even in PCI 2.0, Requirement 10 is all about activity logs – collection, transmission, storage and daily review of logs from the devices and sys…

5 Top Targets for Today’s Hackers


Black Hat USA bills itself as “the show that sets the benchmark for all other security conferences.” While most conferences tend to over-promote themselves, given the activity at this year’s show, that actually might be something of an understatement.

From the defense of government surveillance delivered by NSA Director General Keith Alexander to briefings on the coming “cryptopocalypse” and the risks associated with embedded devices and the Internet of Things, Black Hat reminds us that a little bit of paranoia is warranted in today’s connected world.

Here are my leading candidates for surprising, damaging ways criminal hackers are breaching our online security and val…

Spate of shocking cyber attacks on universities jolt academia


It is hauntingly clear – cyber criminals have set their eyes firmly on universities, research institutions, and centers of higher learning in the United States and other parts of the world. If the cyber attacks of the past few weeks are any indication, universities are now facing the biggest threat to information security.

Attack landscape

  • On July 17, 2013, personal information of more than 72,000 staff members (past and present) of the University of Delaware in Newark was compromised. Hackers obtained the information (names, addresses, social security numbers, etc.) by exploiting a vulnerability in third-party software that the university used.
  • On July 18, 2013, during a routine security sca

Your Net Worth Is Online – And Less Safe Than Ever


The Black Hat USA 2013 conference, which kicks off tomorrow in Las Vegas, brings together the brightest minds in IT security each year — those who are responsible for perpetrating and protecting against the latest hacks and vulnerabilities. And not a second too soon, since every week seems to usher in another security catastrophe.

This week’s shocker was the outing of a hole in mobile device SIM cards, by Karsten Nohl, the founder of Security Research Labs in Berlin. Nohl was able to send a virus to the SIM card through a text message, then eavesdrop on calls, make purchases through the phone and even impersonate the phone’s owner. He did all this in under two minutes using an everyday PC and estimate…

IT outsourcing: When outsiders become insiders, how do you ensure information security?


Organizations outsource part or all of their IT services to third-party service providers for various reasons, such as cost savings, leveraging outside expertise, the need to meet business demands quickly, and other critical aspects. Usually, tasks such as software development, network management, customer support, and data center management are outsourced.

Engineers and technicians working with service providers would require remote privileged access to servers, databases, network devices, and other IT applications to discharge their contractual duties. Typically, in outsourced IT environments, the technicians working with the service provider will be located at a faraway place and will …

This Week’s Five: Security Begins At Home


This Week’s Five is a weekly column of five interesting reads from all over the web, with a different topic every week. This week, we explore the risks of security breaches and the importance of data protection in enterprise networks.

Cyber thieves of all kinds have made the lives of the people in charge of data security miserable; except when they get caught. In today’s world, organizations cannot afford to sit back and assume that “this won’t happen to us”. It is important to be prepared for impending breaches in security. So here is our advice: Secure your network, starting today!

In this special compendium of articles, we take a look at some of the important write-ups on sec…