Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Networks

sumologic

Amazon VPC Traffic Mirroring

Mar 19, 2020 By David Matslofva In Sumo Logic
The first means to collect security-relevant information at Cloud SIEM Enterprise (CSE) was our Network Sensor. It was built to analyze network traffic and provide visibility beyond traditional SIEM's down to the network-level. Beyond organizing packets into flows, the sensor supports more advanced features such as decoding of common protocols, file carving, SSL certificate validation, OS fingerprinting, clustered deployment and more.
Read Post

RDS: Do Not Allow LPT Port Redirection

Feb 12, 2020 By CalCom In CalCom
This policy specifies whether to prevent the redirection of data to client LPT ports during a Remote Desktop Services session. You can use this setting to prevent users from mapping local LPT ports and redirecting data from the remote computer to local LPT port peripherals. If a value is configured to Disabled or Not Configured, the attacker can leverage it to map the client’s LPT ports. In addition, he can use the port to redirect data from the Terminal Server to the local LTP ports.
View Video

vPenTest: Real-Time and Automated Network Penetration Test Platform

Jan 16, 2020 By Vonahi Security In Vonahi Security
vPenTest is an automated and full-scale penetration test platform that makes network penetration testing more scalable, accurate, faster, consistent, and not prone to human error. Using vPenTest, organizations can now perform a penetration test at any time, allowing network administrators to evaluate their risks to cyber attacks in nearly real time.
View Video

RDS: Do Not Allow COM Port Redirection- The Policy Expert

Jan 13, 2020 By CalCom In CalCom
Do Not Allow COM Port Redirection will determine whether the redirection of data to client COM ports from the remote computer will be allowed in the RDS session. By default, RDS allows COM port redirection. It can be used, for example, to use a USB dongle in an RDS session.
View Video

The Policy Expert: MMS: IP Source Routing Protection Level

Dec 25, 2019 By CalCom In CalCom
IP source routing is a mechanism that allows the sender to determine the IP route that a datagram should take through the network. An attacker could use source routed packets to obscure their identity and location. Source routing allows a computer that sends a packet to specify the route that the packet takes.
View Video
alienvault

The risks of public Wi-Fi and how to stay safe

Oct 17, 2019 By Mjellma Gonzalez In AT&T Cybersecurity

In a bid to entertain their customers, airports, coffee shops, shopping malls - and literally all public places- provide free Wi-Fi. And because the traffic in and around these places is exceedingly high, their Wi-Fi networks aren’t as secure as you’d imagine. For what it is worth, your privacy can never be sufficiently protected by a 5 or even 10-digit login password that you are given.

Read Post

Tracking Malicious Activity across the Sumo Attack Lifecycle

Oct 7, 2019 By Sumo Logic In Sumo Logic
In modern network security monitoring, it is not enough to just detect bad things happening. ROI of security operations is always under scrutiny. Security teams, when they exist, and their leadership (CISOs), continually struggle to get budget, at least until a public breach occurs.
View Video
alienvault

Undivided we fall: decoupling network segmentation from micro-segmentation in the software defined perimeter

Sep 25, 2019 By Alissa Knight In AT&T Cybersecurity

As of today, no laws or regulations, even the latest version of PCI-DSS, HIPAA, and HITECH, do not make network segmentation or micro-segmentation compulsory to comply with the rule. By making network segmentation discretionary -- even when transmitting, processing, or storing regulated data, the number of breaches will continue to rise as companies err on the side of doing less with more.

Read Post
upguard

DNSSEC: What Is It and Why Is It Important?

Sep 12, 2019 By Abi Tyas Tunggal In UpGuard

The Domain Name System Security Extensions (DNSSEC or DNS Security Extensions) is a set of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks. DNSSEC provides DNS resolvers origin authentication of DNS data, authenticated denial of existence and data integrity but not availability or confidentiality.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.