News & Publications
Bandura Cyber Announces Strategic Partnership with Castra Consulting to Enable Automated Threat Intelligence Protection
Collaboration Will Fuse Advanced Threat Intelligence Gateway Technology with Castra’s mSIEM Managed Service Offering
November 28, 2018
The Castra Elastic Logger for USM Appliance
A faster, more advanced solution to pair with your existing USM instance
Do you need to add long-term logging to your AlienVault USM? Do you want to combine the search power of Elastic with the advanced AlienVault USM platform? If you are looking to expand your AlienVault raw log storage while adding new possibilities for analytics, visualization and reporting, Castra’s Elastic Logger is for you.
October 16, 2018
Analysis of the GAO Report on the 2017 Equifax Breach
Cross Posted from Net Friends
The GAO report provides the most detail to date about the specifics of the breach summarized in the graphic below, such as how the attack started on the Equifax dispute portal servers, how the attackers gained access to 51 databases, and how they extracted data from them for over 76 days in small increments to avoid detection.
September 12, 2018
What is a Penetration Test?
There are a variety of types of penetration (pen) tests, but they all boil down to having a trusted advisor digitally attack your company’s infrastructure. For many companies it’s a matter of when, not if, a compromise occurs. There are constantly news stories about well-known companies with major budgets suffering from massive data breaches, and we all know about the constant plight of spammy phishing emails.
April 2, 2018
The So-Called Intel Bug
Two named bugs dropped on January 3rd, both concerning the way in which modern CPUs work. Nearly all Intel hardware from approximately the past 25 years is affected. The Meltdown and Spectre bugs are severe in nature, and organizations will need to address the specific and pervasive risk of information leakage and take specific mitigative measures.
January 4, 2018
Best practice Audit Policies - Windows OS
When configuring Windows to write audit logs for your SIEM, consider the following policies as a way to improve value over volume in your logging.
December 14, 2017
Set It and Forget It...Fail.
You’ve set up your SIEM, you have logs flowing and a report or three. You are done, right? You don’t need to look at it every day, right? You can just check it on Friday on the way home, right?
It emails you an alarm, so you are done, right?
October 25, 2017
Early Thoughts on Krak
The news is coming out today about a core protocol-level flaw in WPA2-PSK named "KRAK" [a forced acronym for Key Renegotiation AttacK, the method by which connections can be compromised].
October 16, 2017
Our Thoughts On The Equifax Breach Of 2017
Cross Posted from Net Friends
Castra has been asked by several of our customers what they should do to respond to one of the biggest data breaches ever, the Equifax Breach of 2017 that resulted in the potential loss of sensitive information that could be used for identity theft, impacting just under half of the entire US population, or 143 million people.
September 14, 2017
How Does The Equifax Incident Compare to Other Data Breaches?
Cross Posted from AlienVault
The Equifax data breach news which broke last week was a bit of a shocker. About 143 million Americans were affected, which is most of the US adult population, and an unknown number of Canadians and Britons. The leaked data included some highly sensitive information including social security numbers, home addresses and credit card numbers.
September 13, 2017
327 W Main Street
Durham, NC 27701