News & Publications


Bandura Cyber Announces Strategic Partnership with Castra Consulting to Enable Automated Threat Intelligence Protection

Collaboration Will Fuse Advanced Threat Intelligence Gateway Technology with Castra’s mSIEM Managed Service Offering

The Castra Elastic Logger for USM Appliance

A faster, more advanced solution to pair with your existing USM instance

Do you need to add long-term logging to your AlienVault USM? Do you want to combine the search power of Elastic with the advanced AlienVault USM platform? If you are looking to expand your AlienVault raw log storage while adding new possibilities for analytics, visualization and reporting, Castra’s Elastic Logger is for you.

Analysis of the GAO Report on the 2017 Equifax Breach

Cross Posted from Net Friends

The GAO report provides the most detail to date about the specifics of the breach summarized in the graphic below, such as how the attack started on the Equifax dispute portal servers, and how the attackers gained access to 51 databases and extracted data from them for over 76 days in small increments to avoid detection.

What is a Penetration Test?

There are a variety of types of penetration (pen) tests, but they all boil down to having a trusted advisor digitally attack your company’s infrastructure. For many companies it’s a matter of when, not if, a compromise occurs. There are constantly news stories about well-known companies with major budgets suffering from massive data breaches, and we all know about the constant plight of spammy phishing emails.

The So-Called Intel Bug

Two named bugs dropped on January 3rd, both concerning the way in which modern CPUs work. Nearly all Intel hardware for approximately the past 25 years is affected. The Meltdown and Spectre bugs are severe in nature, and organizations will need to address the specific and pervasive risk of information leakage and take specific mitigative measures.

Best practice Audit Policies - Windows OS

When configuring Windows to write audit logs for your SIEM, consider the following policies as a way to improve value over volume in your logging.

Set It and Forget It...Fail.

You’ve set up your SIEM, you have logs flowing and a report or three. You are done, right? You don’t need to look at it every day, right? You can just check it on Friday on the way home, right?
It emails you an alarm, so you are done, right?

Early Thoughts on Krak

The news is coming out today about a core protocol-level flaw in WPA2-PSK named "KRAK" [a forced acronym for Key Renegotiation AttacK, the method by which connections can be compromised]

Our Thoughts On The Equifax Breach Of 2017

Cross Posted from Net Friends

Castra has been asked by several of our customers what they should do to respond to one of the biggest data breaches ever, the Equifax Breach of 2017 that resulted in the potential loss of sensitive information that could be used for identity theft, impacting just under half of the entire US population, or 143 million people.

How Does The Equifax Incident Compare to Other Data Breaches?

Cross Posted from AlienVault

The Equifax data breach news which broke last week was a bit of a shocker. About 143 million Americans were affected, which is most of the US adult population, and an unknown number of Canadians and Britons. The leaked data included some highly sensitive information including social security numbers, home addresses and credit card numbers.

Beginner’s Guide to IDS, IPS and UTM - What’s the Difference?

White Paper

There is often a lingering and general confusion over the acronyms IDS and IPS, and how they are like or unlike UTM software modules. Everyone likes primers and simple descriptive definitions, so let’s take a look at IDS, IPS and UTM through that lens.