Control "Monitoring" is Not Threat Monitoring
November 23rd, 2009 admin

As I write this post I’m reminded of General Hayden’s advice: “Cyber” is difficult to understand, so be charitable with those who don’t understand it, as well as those who claim “expertise.” It’s important to remember that plenty of people are trying to act in a positive manner to defend important assets, so in that spirit I offer the following commentary. Thanks to John Bambanek’s SANS post I read NIST Drafts Cybersecurity Guidance by InformationWeek’s J. Nicholas…