Are we ready to bid the SIEM farewell?

At this year's Infiltrate Security Conference in Miami, John Grigg walked the audience through a common target network where a known and commonly used SIEM had been integrated in order to show participants how to exploit onto the SIEM, find intel, and cover their tracks.Though SIEM technologies are supposed to help secure the networks, Grigg said that they are often misconfigured, which creates more vulnerabilities.Even though some of the legacy tools are pretty cool, Grigg said the problem is that no one really knows the platform that well. "The vendor who built it knows it from a design standpoint. Then there's the re-selllers, the guys who install it, the internal IT guys who inherit the systems, but they tend to never really focus on it." To read this article in full or to leave a comment, please click here

Are we ready to bid the SIEM farewell?

At this year's Infiltrate Security Conference in Miami, John Grigg walked the audience through a common target network where a known and commonly used SIEM had been integrated in order to show participants how to exploit onto the SIEM, find intel, and cover their tracks.Though SIEM technologies are supposed to help secure the networks, Grigg said that they are often misconfigured, which creates more vulnerabilities.Even though some of the legacy tools are pretty cool, Grigg said the problem is that no one really knows the platform that well. "The vendor who built it knows it from a design standpoint. Then there's the re-selllers, the guys who install it, the internal IT guys who inherit the systems, but they tend to never really focus on it." To read this article in full or to leave a comment, please click here

How startups recruit, hire and retain software developers

Coding Sans, a software development company, released its State of Software Development at Startups survey looking at 126 tech workers at startup companies. Of those polled, 35 percent cited hiring talent as one of the "biggest challenges in software development," and 90 percent expect the demand for software developers will only grow in the next five years.The survey also uncovered some interesting tactics startups use to compete with bigger, more established tech companies. Here are seven realities they've uncovered about hiring software developers at startup companies.To read this article in full or to leave a comment, please click here

Onto the next one…

Yesterday I passed the CCNA-W exam. Now onto the next partner certification I need to do before summer.

Its called 500-452 ENCWE – Enterprise Networks Core and WAN Essentials and a large part of it involves iWAN, which im not too familiar with.

To that effect I have ordered the official Cisco Press iWAN book and downloaded all the presentations I could find on iWAN from CiscoLive365. That should keep me busy for the foreseeable future ?

I will hopefully be doing some labs on iWAN and will post any findings I have here. It should be fun!

Im still debating whether or not I will goto CLUS this year. Whats really pulling me over there is the people I rarely get to meet. I need to make up my mind soon though.

Take care!

/Kim

Raspberry Pi Roundup: Pi-se of the Machines, keeping the ball up, and GOOOOOOOOOOOOLLLLLLL

The Raspberry Pi is a computer of relatively modest raw capability, but it’s limited much more by our own creativity than it is by its hardware. We’ve seen Pis be everything from video game emulators to fantastic wedding proposal aides to fruit sniffers. Sure, it’s not a powerhouse, but that’s missing the point.To read this article in full or to leave a comment, please click here

DockerCon 2017: Moby’s Cool Hack sessions

Every year at DockerCon, we expand the bounds of what Docker can do with new features and products. And every day, we see great new apps that are built on top of Docker. And yet, there’s always a few that stand out not just for being cool apps, but for pushing the bounds of what you can do with Docker.

This year we had two great apps that we featured in the Docker Cool Hacks closing keynote. Both hacks came from members of our Docker Captains program, a group of people from the Docker community who are recognized by Docker as very knowledgeable about Docker, and contribute quite a bit to the community.

Play with Docker

The first Cool Hack was Play with Docker by Marcos Nils and Jonathan Leibiusky. Marcos and Jonathan actually were featured in the Cool Hacks session at DockerCon EU in 2015 for their work on a Container Migration Tool.

Play with Docker is a Docker playground that you can run in your browser.

Play with Docker

Play with Docker’s architecture is a Swarm of Swarms, running Docker in Docker instances.

Play with Docker

Running on pretty beefy hosts r3.4xlarge on AWS – Play with Docker is able to run Continue reading

Cisco issues 7 “high priority” security advisories; Firepower, IOS and ASA issues among them

Cisco had a pretty large dump of security advisories today – seven “high priority” and one “critical” – impacting a variety of products many with the threat allowing a remote attacker to cause a denial of service.First up this week Cisco said a vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) software could let an unauthenticated, remote attacker cause a denial of service (DoS) attack.+More on Network World: Cisco certifications target business professionals eyeing software roles+To read this article in full or to leave a comment, please click here

Docker Completes Its Platform With DIY Linux

It all started with a new twist on an old idea, that of a lightweight software container running inside Linux that would house applications and make them portable. And now Docker is coming full circle and completing its eponymous platform by opening up the tools to allow users to create their own minimalist Linux operating system that is containerized and modular above the kernel and that only gives applications precisely what they need to run.

The new LinuxKit is not so much a variant of Linux as a means of creating them. The toolkit for making Linuxes, which was unveiled

Docker Completes Its Platform With DIY Linux was written by Timothy Prickett Morgan at The Next Platform.

Humans are (still) the weakest cybersecurity link

Humans remain the weak link in corporate data protection, but you might be surprised hat it isn't only rank-and-file employees duped by phishing scams who pose risks. Some companies are lulled into a false sense of cybersecurity by vendors. You read that right:Some enterprises believe the shiny new technologies they've acquired will protect them from anything.Just ask Theodore Kobus, leader of BakerHostetler’s Privacy and Data Protection team. BakerHostetler Theodore Kobus, BakerHostetler’s Privacy and Data Protection team.To read this article in full or to leave a comment, please click here

Cisco certifications target business professionals eyeing software roles

Trying to keep business professionals ahead of the rapidly changing technology environment, Cisco this week rolled out new business certificate and training packages.The package includes a certification-level offering for what’s known as a client advocate or a Customer Success Manager. The other certification has to do with helping business professionals learn how to build and transform corporations into the digital environment.+More on Network World: DHS warns on immigration spoofing scam+To read this article in full or to leave a comment, please click here

Worth Reading: Game of nodes

There’s a whirlwind of information on the topic of network commoditization. Seriously. Just search in your favorite search engine for “SDN,” “NFV,” or “telco cloud.” You will find dozens of open source projects, communities, forums, architectural definitions, standards, standard bodies, news articles, press releases, and blog sites dedicated to the aforementioned. With such a myriad of information, you’d think people out there would have a deep understanding of why these topics are creating so much noise. I make it a point to ask everyone I meet this simple question: “In a few sentences, what does telco cloud, NFV, or SDN mean to you?” In many cases, people generally just quote a bunch of buzz words — most of which I’m programmed to forget. Others jump into the “What” and “How” of these trends. Only a very few understand the “Why” and that there’s a fundamental challenge to the current business models in their industry. Something has to change. —New Stack

The post Worth Reading: Game of nodes appeared first on rule 11 reader.

A vigilante hacker may have built a computer worm to protect the IoT

Is a vigilante hacker trying to secure your IoT device from malware? The mysterious developer behind a growing computer worm wants people to think so. The worm, known as Hajime, has infected tens of thousands of easy-to-hack products such as DVRs, internet cameras, and routers. However, the program so far hasn't done anything malicious.Instead, the worm has been preventing a notorious malware known as Mirai from infecting the same devices. It's also been carrying a message written from its developer.To read this article in full or to leave a comment, please click here

RESPONSE: 3 Hidden Lessons Behind Top Podcasts to Help Yours Stand Out

Thoughts from the Content Marketing Institute for budding podcasters were shared here. Here’s my response to the points that stood out to me.

CMI’s big idea #1.

“At first, format trumps talent.” And then later…“Avoid the race to the bottom of simply booking the biggest guests in your niche and meandering through an unplanned episode. Instead, find your format.”

Response. To record an effective show people will listen to, you need a plan, agreed. However, the article cites an example of a 15 minute long episode carved into blocks of minutes and seconds.

Perhaps that’s what you need when working against an ultra-tight timeline. However, an outline that provides structure should be adequate. Overly structuring a podcast is burdensome and can serve to stifle interesting conversation. Freedom is one of the benefits of podcasting.

Podcasting is NOT a digital regurgitation of radio, although many try to shoehorn podcasts into a radio format, because the radio business is what they understand. However, podcast content is different. Distribution is different. Listener consumption is different. Monetization is different.

And perhaps most importantly, timelines are fluid. 15 minute long podcasts are being created under an artificial time constraint that begs the question…why?

On the other hand, Continue reading

IDG Contributor Network: Unite and conquer your storage silos

If you’re a storage admin, it might seem like there’s a new flash storage system being pitched at your inbox every week. Maybe a few times a week, in fact. Perhaps you’re also investigating the cloud, and whether your enterprise would want to go with a hybrid, private or public cloud implementation. Chances are you already have a lot of storage in your infrastructure from past purchases, and when you add it all up, you could be sitting on quite a diverse collection of resources—and those resources may be significantly underutilized today.The diversity of storage types presents many options, which creates a real challenge for admins—but only because all those different resources could not be seamlessly connected until now. With storage solutions that deliver ultra-fast performance, such as all-flash arrays, some that save with low cost, cloud capacity for cold (inactive) data, and numerous other shared storage resources, most enterprise IT teams have the right resources to serve a wide variety of different data demands. The challenge is knowing what data needs which resource, then continually aligning data to the right resource as its needs change over time.To read this article in full or to leave a comment, Continue reading

1 1,987 1,988 1,989 1,990 1,991 3,696