Endpoint detection and response: What’s important?

My colleagues Doug Cahill, Kyle Prigmore and I recently completed a research project on next-generation endpoint security. We determined that there are actually two distinct product categories within next-generation endpoint security: advanced prevention and advanced detection and response (EDR). While most firms seem to be gravitating toward advanced prevention, massive enterprise organizations tend to move in the opposite direction by evaluating, testing and deploying EDR products. Why? These organizations have large cybersecurity teams with lots of experience, so they are willing to dedicate resources toward more complex projects.Furthermore, many of these enterprise organizations are already investing in security analytics by collecting, processing and analyzing data from numerous disparate sources (i.e., network forensics, events/logs, threat intelligence, etc.). Endpoint forensic data is a natural extension of these cybersecurity analytics efforts. To read this article in full or to leave a comment, please click here

Endpoint detection and response: What’s important?

My colleagues Doug Cahill, Kyle Prigmore and I recently completed a research project on next-generation endpoint security. We determined that there are actually two distinct product categories within next-generation endpoint security: advanced prevention and advanced detection and response (EDR). While most firms seem to be gravitating toward advanced prevention, massive enterprise organizations tend to move in the opposite direction by evaluating, testing and deploying EDR products. Why? These organizations have large cybersecurity teams with lots of experience, so they are willing to dedicate resources toward more complex projects.Furthermore, many of these enterprise organizations are already investing in security analytics by collecting, processing and analyzing data from numerous disparate sources (i.e., network forensics, events/logs, threat intelligence, etc.). Endpoint forensic data is a natural extension of these cybersecurity analytics efforts. To read this article in full or to leave a comment, please click here

Download the New ‘Wi-Fi Design Poster’ Today!

Performing a proper Wi-Fi design is critical to success. Modern WLANs have grown ever more complex, having to provide high quality coverage, meet density and capacity requirements, facilitate user mobility and roaming, all while minimizing both Wi-Fi interference and external RF interference. The new 'Wi-Fi Design Poster' can provide a quick reference for wireless engineers. The poster was a collaborative effort between myself and Ekahau.

The poster covers the 4 critical aspects of Wi-Fi design, an overview of the design process, and 10 high-performance Wi-Fi tips and tricks.

Download and print yours today! It is available as both a poster and an infographic. We hope you like it :) Please share it if you think others would benefit as well.

Ekahau and Revolution Wi-Fi Design Infographic (vertical).png

Transfer by US of Internet oversight could face new hurdles

U.S. plans to transfer the oversight of key technical Internet functions to an international multi-stakeholder governance model have run into hurdles with two bills being introduced on Wednesday that would require the government to first take the approval of Congress for the transition.A bill proposed in the Senate by Ted Cruz, a Republican from Texas, called the Protecting Internet Freedom Act, would prohibit any transfer of Internet domain name system functions except if expressly allowed under a federal statute passed after the new legislation has been enacted.To read this article in full or to leave a comment, please click here

Transfer by US of Internet oversight could face new hurdles

U.S. plans to transfer the oversight of key technical Internet functions to an international multi-stakeholder governance model have run into hurdles with two bills being introduced on Wednesday that would require the government to first take the approval of Congress for the transition.A bill proposed in the Senate by Ted Cruz, a Republican from Texas, called the Protecting Internet Freedom Act, would prohibit any transfer of Internet domain name system functions except if expressly allowed under a federal statute passed after the new legislation has been enacted.To read this article in full or to leave a comment, please click here

Do it now! From SHA-1 to SHA-2 in 8 steps

As deadlines go, Jan. 1, 2017, isn’t far away, yet many organizations still haven’t switched their digital certificates and signing infrastructure to use SHA-2, the set of cryptographic hash functions succeeding the weaker SHA-1 algorithm. SHA-1 deprecation must happen; otherwise, organizations will find their sites blocked by browsers and their devices unable to access HTTPS sites or run applications.7. Get the new certificateTo read this article in full or to leave a comment, please click here(Insider Story)

Do it now! From SHA-1 to SHA-2 in 8 steps

As deadlines go, Jan. 1, 2017, isn’t far away, yet many organizations still haven’t switched their digital certificates and signing infrastructure to use SHA-2, the set of cryptographic hash functions succeeding the weaker SHA-1 algorithm. SHA-1 deprecation must happen; otherwise, organizations will find their sites blocked by browsers and their devices unable to access HTTPS sites or run applications.7. Get the new certificateTo read this article in full or to leave a comment, please click here(Insider Story)

Do it now! From SHA-1 to SHA-2 in 8 steps

As deadlines go, Jan. 1, 2017, isn’t far away, yet many organizations still haven’t switched their digital certificates and signing infrastructure to use SHA-2, the set of cryptographic hash functions succeeding the weaker SHA-1 algorithm. SHA-1 deprecation must happen; otherwise, organizations will find their sites blocked by browsers and their devices unable to access HTTPS sites or run applications.All digital certificates -- to guarantee the website accepting payment card information is secure, software is authentic, and the message was sent by a person and not an impersonator -- are signed by a hashing algorithm. The most common is currently SHA-1, despite significant cryptographic weaknesses that render the certificates vulnerable to collision attacks.To read this article in full or to leave a comment, please click here(Insider Story)

Securing your car from cyberattacks is becoming a big business

A modern car has dozens of computers with as much as 100 million lines of code -- and for every 1,000 lines there are as many as 15 bugs that are potential doors for would-be hackers.With vehicles becoming more automated and connected to the Internet, to other cars and even roadway infrastructure, the number of potential intrusion points is growing  exponentially, according to Navigant Research.While cybersecurity became a top priority for carmakers after a 2015 Jeep Cherokee was hacked last year, the lead time for developing a new car is three to five years and with a service life of 20 years or more, most vehicles have systems that bare vastly outdated compared to the latest consumer electronics devices.To read this article in full or to leave a comment, please click here

Securing your car from cyberattacks is becoming a big business

A modern car has dozens of computers with as much as 100 million lines of code -- and for every 1,000 lines there are as many as 15 bugs that are potential doors for would-be hackers.With vehicles becoming more automated and connected to the Internet, to other cars and even roadway infrastructure, the number of potential intrusion points is growing  exponentially, according to Navigant Research.While cybersecurity became a top priority for carmakers after a 2015 Jeep Cherokee was hacked last year, the lead time for developing a new car is three to five years and with a service life of 20 years or more, most vehicles have systems that bare vastly outdated compared to the latest consumer electronics devices.To read this article in full or to leave a comment, please click here

Why you don’t have to fix every vulnerability

Let that vulnerability sit for a bitImage by ThinkstockThe word “vulnerability” typically comes with a “must fix now” response. However, not all vulnerabilities should be treated equally because not all of them pose a risk. It all depends on what the data represents. In fact, some vulnerabilities are OK to deprioritize, depending on associated threats and the value of the asset at risk. For example, a lock on a 20th floor window of a building is not as important as one on the ground level, unless the contents of the room are so valuable that a thief would take the effort to access such an unreachable place. Scans reveal thousands of vulnerabilities across all assets – networks, applications, systems and devices – but they do not show which ones could lead to a damaging compromise if not fixed immediately. It is not about ignoring vulnerabilities; it is about prioritizing how you apply your resources to remediate them. Bay Dynamics provides some examples of vulnerabilities that are OK to put on the back burner.To read this article in full or to leave a comment, please click here

Why you don’t have to fix every vulnerability

Let that vulnerability sit for a bitImage by ThinkstockThe word “vulnerability” typically comes with a “must fix now” response. However, not all vulnerabilities should be treated equally because not all of them pose a risk. It all depends on what the data represents. In fact, some vulnerabilities are OK to deprioritize, depending on associated threats and the value of the asset at risk. For example, a lock on a 20th floor window of a building is not as important as one on the ground level, unless the contents of the room are so valuable that a thief would take the effort to access such an unreachable place. Scans reveal thousands of vulnerabilities across all assets – networks, applications, systems and devices – but they do not show which ones could lead to a damaging compromise if not fixed immediately. It is not about ignoring vulnerabilities; it is about prioritizing how you apply your resources to remediate them. Bay Dynamics provides some examples of vulnerabilities that are OK to put on the back burner.To read this article in full or to leave a comment, please click here

5 reasons the Surface Pro 4 is fit for the enterprise

Many manufacturers have been vying for the title, " best enterprise hybrid tablet" since the release of the Apple iPad Pro and Samsung TabPro S. However, none have managed to live up to the Surface Pro 4, which was quickly hailed as one of the fastest adopted enterprise tablets soon after its release, and it recently surpassed the Apple iPad Pro for sales in the U.K.It's popularity is no accident Microsoft has spent years tirelessly improving its hybrid offerings, and that work has resulted in an ideal hybrid enterprise device. Microsoft's Surface Pro 4 has a lot going for it in the corporate world, and it and become a great option for any IT department looking to transition to a hybrid tablet device. If you're thinking of getting a Surface Pro 4 for business, here are the top five features of the Surface Pro 4.To read this article in full or to leave a comment, please click here

IoT pushes IT security to the brink

The Internet of Things (IoT) offers many possible benefits for organizations and consumers—with unprecedented connectivity of countless products, appliances and assets that can share all sorts of information. IoT also presents a number of potential security threats that organizations need to address.“There is no doubt the levels of risk are set to increase alongside the growth in deployment of IoT devices,” says Ruggero Contu, research director at Gartner. IoT will introduce thousands of new threat vectors simply by increasing the number of networked points, Contu says.While IoT offers great opportunities, in interconnected environments “the security risks increase exponentially and the attack vector or surface is—in theory—potentially limitless,” says Laura DiDio, director enterprise research, Systems Research & Consulting at Strategy Analytics.To read this article in full or to leave a comment, please click here

IoT pushes IT security to the brink

The Internet of Things (IoT) offers many possible benefits for organizations and consumers—with unprecedented connectivity of countless products, appliances and assets that can share all sorts of information. IoT also presents a number of potential security threats that organizations need to address.“There is no doubt the levels of risk are set to increase alongside the growth in deployment of IoT devices,” says Ruggero Contu, research director at Gartner. IoT will introduce thousands of new threat vectors simply by increasing the number of networked points, Contu says.While IoT offers great opportunities, in interconnected environments “the security risks increase exponentially and the attack vector or surface is—in theory—potentially limitless,” says Laura DiDio, director enterprise research, Systems Research & Consulting at Strategy Analytics.To read this article in full or to leave a comment, please click here

Raspberry Pi news roundup: Some burgers to go with that Pi?

You’d think that people would be squashing up against the limits of what you can do with a Raspberry Pi by now, but you’d be wrong. One enterprising Redditor has decided to play Pinocchio to a toy GameBoy – handed out by Burger King as part of a promotion – and turn it into a real one, using an emulator and a Raspberry Pi Zero. It’s an impressive feat of electronic DIY by user Joe7Dust, publicized by fellow Redditor ChaseLambeth, who had been trying to do the same thing himself before he noticed that someone else had already had the finished article.To read this article in full or to leave a comment, please click here

Docker networking with IPVLAN and Cumulus Linux

Macvlan and Ipvlan Network Drivers are being added as Docker networking options. The IPVlan L3 Mode shown in the diagram is particularly interesting since it dramatically simplifies the network by extending routing to the hosts and eliminating switching entirely.

Eliminating the complexity associated with switching broadcast domains, VLANs, spanning tree, etc. allows a purely routed network to be easily scaled to very large sizes. However, there are some challenges to overcome:
IPVlan will require routes to be distributed to each endpoint. The driver only builds the Ipvlan L3 mode port and attaches the container to the interface. Route distribution throughout a cluster is beyond the initial implementation of this single host scoped driver. In L3 mode, the Docker host is very similar to a router starting new networks in the container. They are on networks that the upstream network will not know about without route distribution.
Cumulus Networks has been working to simplify routing in the ECMP leaf and spine networks and the white paper Routing on the Host: An Introduction shows how the routing configuration used on Cumulus Linux can be extended to the hosts.

Update June 2, 2016: Routing on the Host contains packaged versions of the Continue reading
1 2,906 2,907 2,908 2,909 2,910 3,842