“A Successful SIEM deployment: truth or fantasy”…a controversial opening statement one might say for a consultant who works for a SIEM provider (LogRhythm) and preaches the virtues of the technology. Am I saying that a successful SIEM deployment is a…
Read MoreJanuary 7, 2015
All kind of different services, like web browsing, email, active directory, etc., use the Domain Name System (DNS) protocol to turn IP addresses into human readable names and vice versa. DNS was never intended to be used for data transfer,…
Read MoreDecember 17, 2014
Windows account lockout policies are an effective and recommended best practise for securing against brute force attacks. When these activities occurs within the perimeter of an Enterprise’s network, LogRhythm’s SIEM makes it a simple task to quickly work out the…
Read MoreDecember 10, 2014
On Tuesday, Microsoft released an emergency update to Windows Server 2003 through 2012 R2 to address a vulnerability that enables an attacker to escalate privileges for any account on a Windows Domain. The vulnerability can be detected in Windows Server…
Read MoreNovember 19, 2014
Tricking users into copying different commands from what is displayed on a web page… OK, maybe I’m late to this party but I recently came across a very cool attack vector that I had not heard about until now. There’s…
Read MoreOctober 8, 2014
These past couple weeks have been a blur. I had the opportunity to attend and speak at both AppSecUSA and DerbyCon and can not say enough good things about these conferences. There were so many excellent talks and activities that…
Read MoreOctober 3, 2014
