This guest blog post is by Jason Matlof, Executive Vice President, LightCyber. We thank LightCyber for being a sponsor. LightCyber’s Magna Active Breach Detection platform is a behavior-based detection system that integrates network and endpoint context and is designed specifically to find active breaches after a threat actor has already penetrated a network. To hear […]
The post Why It’s So Hard To Find Intruders After A Network Penetration appeared first on Packet Pushers Podcast and was written by Drew Conry-Murray.
The future of security lies in orchestration, Symantec believes
Intel taps NSX over ACI for security controller integration.
“The stated purpose [of the Silk Road] was to be beyond the law. In the world you created over time, democracy didn’t exist. ... Silk Road’s birth and presence asserted that its…creator was better than the laws of this country. This is deeply troubling, terribly misguided, and very dangerous.”This is silly on the face of it. The stated purpose of all crime is to "be beyond the law". I mean, when I go above the speed limit in my BMW, my stated purpose is to go beyond the legal limit. I'm not sure I understand the logic here.
This presentation from Alex Stamos, CSO of Yahoo during the AppSec conference is explains why firewalls are not part of their security strategy. Firewalls operating at 10G or more are not cost effective. Vertical scaling of performance costs more than the services are worth. At 100G, a firewall has less than 6.7 nanoseconds to “add value” […]
The post Why Firewalls Won’t Matter In A Few Years appeared first on EtherealMind.
Following HP's purchase of Aruba, Meru finds a new home.
"First and foremost, we want to make sure we do not leave activists with fewer tools than they already have. Parliament must be mindful of legislation just based on types of technology because broadly written regulations could have a net negative effect on the availability of many general-purpose technologies and could easily harm very people that the regulations are trying to protect."But that does not stop the EFF from proposing such regulations.
If you want 'security by default,' hardware is the place to be, even in a software-defined world.
Check Point Identity Awareness is problematic in environments that have multiple customers, overlapping private address space, and NAT. It can be done, if you understand the traffic flows, the connections needed, and how to combine several features. Here’s how I did it.
A quick reminder of the traditional flows used for Check Point firewall management:
Check Point Management Clients (e.g. SmartDashboard, SmartLog) connect to the management server to configure policies, view logs, etc.
Policies are compiled and pushed from the management server to the firewall(s). Logs are sent from the firewall back to the management server. All good.
Identity Awareness lets you define rules based upon user identities, rather than IP addresses. So you can say “This AD group is allowed to connect directly to the SQL Server.” Much nicer Continue reading
Another question I got in my Inbox:
What is your opinion on NAC and 802.1x for wired networks? Is there a better way to solve user access control at layer 2? Or is this a poor man's way to avoid network segmentation and internal network firewalls.
Unless you can trust all users (fat chance) or run a network with no access control (unlikely, unless you’re a coffee shop), you need to authenticate the users anyway.
Read more ... A bank vault of a server turns out to be the hot security product Skyport raised $37M for.
Security groups (or Endpoint Groups if you’re a Cisco ACI fan) are a nice traffic policy abstraction: instead of dealing with subnets and ACLs, define groups of hosts and the rules of traffic control between them… and let the orchestration system deal with IP addresses and TCP/UDP port numbers.
Read more ...You cannot promote the (true) idea that security research benefits humanity while defending research that endangered hundreds of innocents— Alex Stamos (@alexstamos) May 16, 2015