Videos Tagged with "Network Security"
Video: Do I Have to Secure All My Applications?
September 24, 2012
Attackers take advantage of any externally facing web application. If you think about a web application is not mission because it’s not touching data and if there is a SQL Injection vulnerability that exists in there attackers can use that to gain a foothold inside the network...
Comments (0)
BlackHat 2012: Dwayne Melancon Key Takeaways
August 13, 2012
Melancon notes a key finding that “Hackers are always looking for outliers…and the key is to have a way to evaluate your systems and security posture continuously and be able to react pretty quickly.” What else can businesses learn from hackers? Check out this video to find out...
Comments (0)
When to Strike Back: Mitigative and Retributive Counterstriking
August 10, 2012
Our information and cyber security perimeters and infrastructures are battered daily by scores of probes, scans, and attacks. We stand in defensive posture ducking, bobbing and weaving as we try to avoid the offensive onslaught. It is a losing proposition. Isn't it time we started striking back?
Comments (0)
What it Takes to Create Intelligence for a Stuxnet, Flame or Duqu
August 06, 2012
Stuxnet, Flame, Duqu and Mahdi are but payloads of overall programs designed through the work of intelligence. The news, anti-virus firms, managed security companies and consultancies all focus on the malware and the code. They are missing the big picture...
Comments (0)
BlackHat 2012: Alexander Polyakov on New SAP Vulnerabilities
August 01, 2012
Alexander Polyakov describes a recently discovered and widespread architectural vulnerability which especially targets SAP applications and allows for the bypassing of SAP security restrictions, such as firewalls, even in secure landscapes...
Comments (0)
On Proper System Hardening
May 16, 2012
When a system or device has been properly hardened, all unnecessary bells and whistles are turned off, disabled, or simply ripped out, leaving only the bare minimum needed to run the service. This creates a much smaller surface area to attack...
Comments (0)
LIGHTS: Addressing Cybersecurity for Smaller Facilities
April 26, 2012
Watch the roundtable launch of the LIGHTS program from April 24. LIGHTS Chair Chris Blask opens with a presentation on major issues facing industrial facilities, then is joined by Energysec's Steve Parker, Joel Langill a.k.a. SCADAHacker, and AWWA's Kevin Morley and Gary Sturdavan...
Comments (1)
Using Interface Devices for Network Penetration Testing
April 26, 2012
Javvad Malik caught up with Nikhil Mittal at Black Hat Europe 2012 to talk about some human interface technology and their use in network penetration testing. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
The Future of Network Security, SSL, and Certificate Authorities
April 25, 2012
Infosec Island's Javvad Malik caught up with Tom Ritter at Black Hat Europe 2012 to discuss the future of network security, SSL, Certificate Authorities and all kinds of security goodness. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
Javvad Malik Interviews Don Bailey at Black Hat EU 2012
April 24, 2012
Javvad Malik caught up with Don Bailey at Black Hat Europe 2012 to hear about machine to machine technology and the security challenges it brings. Javvad's coverage of Black Hat Europe courtesy of Infosec Island and NETpeas...
Comments (0)
Javvad Malik on Hacking Tools and Ethics
April 20, 2012
Joshua Corman wrote a post in which he raises some valid points about tools like Metasploit. Naturally, the purpose such tools is to aid a security tester in finding vulnerabilities. However you cannot dictate if someone will use this for attack or defensive purposes...
Comments (0)
Video: FBI's Top Cyber Official Discusses Threats
March 30, 2012
"Those early attacks were much more intermittent. We are seeing literally thousands of attacks a day. The ones people hear about are often because victims are coming forward. And there are more substantial attacks that people don’t ever see or hear about..."
Comments (0)
Javvad Malik on Infosec Mistakes
March 23, 2012
We all learn from our mistakes. Tripwire compiled the 25 mistakes infosec people make and I’m adding my own. You can see great examples such as “Yes, a UFO is an unidentified flying object, but it’s probably an alien” and “Is there an award for having the most passwords?”
Comments (0)
BSidesSF: AlienVault CTO Roger Thornton on Network Visibility
February 29, 2012
Roger Thornton, CTO at AlienVault, discusses the need for organizations to reduce the overall cost of network security visibility. He believes that technology is not the problem, but instead it is the time, money and staff needed for effective and meaningful visibility...
Comments (0)
BSidesSF: Dominique Karg on the AlienVault Open Source Model
February 28, 2012
Dominique Karg, Co-Founder and Chief Hacking Officer for AlienVault, took some time to discuss the many myths around open source architecture, the inherent benefits and problems, and why AlienVault ultimately decided to go with the open source model...
Comments (0)
BSidesSF: Dr. Mike Lloyd on Measuring Security Effectiveness
February 28, 2012
In his thought-provoking presentation at Security BSides SFO, Dr. Mike Lloyd - CTO at RedSeal Networks described methods for building an enterprise security metrics program that’s completely different from the current model of counting vulnerabilities or patches applied...
Comments (1)
- GitHub Hires Former Cisco Executive Mike Hanley as Chief Security Officer
- Reddit Names Allison Miller as Chief Information Security Officer (CISO)
- SecurityWeek Names Ryan Naraine as Editor-at-Large
- Why Cyber Security Should Be at the Top of Your Christmas List
- United States Federal Government’s Shift to Identity-Centric Security
- How Extreme Weather Will Create Chaos on Infrastructure
- BSIMM11 Observes the Cutting Edge of Software Security Initiatives
- Sustaining Video Collaboration Through End-to-End Encryption
- Will Robo-Helpers Help Themselves to Your Data?
- Securing the Hybrid Workforce Begins with Three Crucial Steps