How to make security analytics work for your organization

Falling into the analytics trap

As the latest buzzword in IT, analytics are increasingly spanning various components of IT systems. With use cases to gather analytics around data, networks and user behaviors, there are endless possibilities for utilizing this information. But, when looking to drill down this data to inform security decisions, is a massive amount of information, which could include false positives, really that useful? To avoid falling into an analytics trap, security professionals provide suggestions for how to best configure security analytics so they drive meaningful and actionable insights for your organization.

Skylake Xeon E3s Serve Up Cheap Flops

AMD gets a lot of credit for creating Accelerated Processing Units that merge CPUs and GPUs on a single package or on a single die, but Intel also has a line of Core and Xeon processors that do the same thing for workstation and server workloads. The “Skylake-H” Xeon E3-1500 v5 chips that Intel recently announced with its new Iris Pro Graphics P580 GPUs pack quite a wallop. Enough, in fact, that for certain kinds of floating point math on hybrid workloads system architects should probably give them consideration as they are building out clusters to do various

Skylake Xeon E3s Serve Up Cheap Flops was written by Timothy Prickett Morgan at The Next Platform.

IDG Contributor Network: 5 InfoSec concerns for colleges and universities

No industry or sector is immune to data breaches, but some are targeted more often than others. Education came ahead of government, retail and financial sectors, and it was second only to healthcare on Trend Micro’s list of the most-breached industries. With more than 500 security breaches across 320 higher education institutions since 2005, higher ed accounts for 35 percent of all breaches, according to an enlightening infographic from SysCloud.

Is OVSDB a Control- or Management-Plane Protocol?

A while ago I discussed whether XMPP is a control- or management-plane protocol (spoiler: it depends). How about OVSDB? Here’s another question from one of my readers:

Why is Openflow considered as control plane protocol and OVSDB management plane protocol if both are relying on SDN controller? Is it because Openflow can directly modify the dataplane?

SDN controllers can use control- or management-plane protocols to get the job done.

Scanning for ClamAV 0day

Last week an 0day was released for ClamAV. Well, not really an 0day so much as somebody noticed idiotic features in ClamAV. So I scanned the Internet for the problem.

The feature is that the daemon listens for commands that tell it to do things like scan files. Normally, it listens only locally for such commands, but can be reconfigured to listen remotely on TCP port 3310. Some packages that include ClamAV sometimes default to this.

It's a simple protocol that consists of sending a command in clear text, like "PING", "VERSION", "SHUTDOWN", or "SCAN
So I ran masscan with the following command:

masscan 0.0.0.0/0 -p3310 --banners --hello-string[3310] VkVSU0lPTg==

Normally when you scan an address range (/0) and port (3310), you'd just see which ports are open/closed. That's not useful in this case, because it finds 2.7 million machines. Instead, you want to establish a full TCP connection. That's what the --banners option does, giving us only 38 thousand machines that successfully establish a connection. The remaining machines are large ranges on the Internet where firewalls are configured to respond with SYN-ACK, with the express purpose of frustrating port scanners.

But of those 38k machines, most are actually

These are the top 5 productivity improvements from Apple’s WWDC

Apple kicked off its Worldwide Developers Conference Monday and announced a metric ton of new features for its products. Most of them target consumers, but there were several announcements that improve productivity and will benefit business users as well. Here are the top five:

1. New Phone features

The developer tools for iOS 10, due later this year, will include CallKit, a framework that lets developers of VoIP (voice over Internet Protocol) applications make it easier for iPhone and iPad users to take calls sent from communication apps.

Google goes after SharePoint with new enterprise tools

Google isn't kidding when it says it's serious about the enterprise. The company announced a pair of new services on Monday that are aimed squarely at helping businesses access information and share it internally, similar to what Microsoft's SharePoint product offers. A new Springboard app gives employees at companies subscribed to Google Apps for Work a unified search box for finding just about anything, including files in Google Drive, emails in Gmail and contacts.

The company also unveiled the beta version of a revamped Google Sites, which is aimed at letting less sophisticated users inside a business build websites that can be used to share information internally. The new Sites gives users templates and an easy to use editor. The editor is supposed to help create good-looking sites for communicating things like what a particular team is up to at a company with far-flung offices.

Here are 5 reasons Symantec is buying Blue Coat

As cyber threats diversify and expand, anti-virus provider Symantec is doing the same. Late Sunday, the company said it would shell out $4.65 billion to acquire Web security provider Blue Coat. Here are five reasons the deal could make sense for Symantec.

1. Threats are evolving, Symantec needs to as well

Symantec has been selling PC antivirus products for years but the PC market has slumped and cyber threats are getting sneakier and more malicious. Two years ago, a Symantec executive even declared that antivirus were "dead." Nowadays, dangers such as zero-day exploits and ransomware are affecting businesses and consumers alike, and antivirus products can't keep up.

FIRST LOOK: What happened at Apple’s WWDC 2016

WWDC 2016 kicks off

Over the course of 2-plus hours in an auditorium in San Francisco, Apple showed off a host of new and refreshed software. Lots and lots of things changed, but here are the initial highlights.

watchOS

iOS 10 is here: iMessage on emoji-steroids and the most third-party integrations ever

Aptly enough, iOS 10 has 10 major features that were revealed by Tim Cook and co. today.

On Monday during WWDC, Apple introduced iOS 10, making the iPhone the most integrated it has ever been with third-party apps. Thanks to iOS 10, developers can now design apps to directly enhance iMessage, Siri, Maps, and Notifications—as well as offer better integration of VoIP calling and a brand-new Home app.

Apple’s most noticeable update comes to Messages, which the company said is the most frequently used app on iOS. In addition to opening up the iMessage platform to third-party developers, Messages in iOS 10 has gone through a major “emojification.” Emoji sent by themselves are three times bigger, and it’s easier to simply tap-and-replace certain keywords with emojis.

7 ways to make your IoT-connected Raspberry Pi smarter

Raspberry Pi becomes more powerful

With the explosion of interest in building Internet of Things (IoT) devices based on boards like the Raspberry Pi comes an explosion of tools that make creating RPi-based IoT systems not only easier, but also more powerful. I’ve hand-picked some of the latest, greatest and coolest tools that will make your Raspberry Pi IoT project killer. (And if you’re contemplating your operating systems choices, make sure you check out my Ultimate Guide to Raspberry Pi Operating Systems, Part 1, Part 2, and Part 3 -- 58 choices in total!)

More network design resources are available for subscribers !

As a reader of this blog, you can access all of the posts on the website for free. But if you don’t know yet, this website has a membership area. When you become a member you get access to 50+ hours of network design videos which will help you in the Cisco CCDE exam as well as real-life […]

The post More network design resources are available for subscribers ! appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Quick Take: Symantec Buys Blue Coat

When former CEO Mike Brown left Symantec in April of this year, I wrote a blog about what I would do if I were recruited as Mike’s replacement. While one of my suggestions was for Symantec to resume M&A activities, I was really thinking about a strategy for filling in product gaps – perhaps Symantec could pick up LogRhythm to add a leading SIEM to its portfolio, or grab Carbon Black for endpoint security analytics and forensics.

Hmm, I never even contemplated a big-time merger, so I was as surprised as anyone when Symantec announced its plan to acquire Blue Coat. I’ve had a few hours to digest this news and will certainly learn more in the days to come. Nevertheless, as an industry analyst, I can’t help but voice my early opinion on this deal.
