LogRhythm Labs

Proposed Incentives for Adopting the Cybersecurity Framework

LogRhythm has been involved in the authoring of the Cybersecurity Framework as outlined in one of my previous blog posts. Although the framework is still being drafted, and won’t be released for public comment until later in the year, the White…

Read More

Some Thoughts on Black Hat and DEFCON

After attending Black Hat and DEFCON this year, I noticed that there wasn’t an overarching theme, like the Cloud, APTs or Big Data that prior years have seemed to focus on. Given the recent disclosures about NSA surveillance programs, privacy was…

Read More

Connecting the Dots

This year I was fortunate enough to be able to attend the Black Hat 2013 conference in Las Vegas. The opening keynote by General Alexander set the mood for what I think will be a common trend throughout the rest…

Read More

Detecting Session Hijacking with LogRhythm’s Advanced Intelligence Engine

When a client authenticates with a Web application, a session is established. Usually a unique, pseudo-random session ID is generated and passed from the client to the Web application with each HTTP request that is made. This session ID might be…

Read More

Initial Thoughts on The Hartford Breach: Using Pattern Recognition to Identify Outbreaks

The recent compromise at The Hartford Insurance Company highlights the fact that AV software by itself isn’t always an adequate defense—even for malware that has been in the wild for quite some time. It was reported that a W32-Qakbot variant was…

Read More