A fast and scalable solution to pair with your existing USM instance
Do you need to add long-term logging to your AlienVault USM? Do you want to combine the search power of Elastic with the advanced AlienVault USM platform? If you are looking to expand your AlienVault raw log storage while adding new possibilities for analytics, visualization and reporting, Castra’s Elastic Logger is for you.
How Does The Equifax Incident Compare to Other Data Breaches?
Cross Posted from AlienVault
The Equifax data breach news which broke last week was a bit of a shocker. About 143 million Americans were affected, which is most of the US adult population, and an unknown number of Canadians and Britons. The leaked data included some highly sensitive information including social security numbers, home addresses and credit card numbers.
How to Protect Your Business from a Cyber-Attack
Cross Posted from ITProPortal
In today's digital world, cyber attacks are inevitable and businesses must protect themselves accordingly.
Cleanrooming Legacy Systems
The WCry worm threw into sharp relief how quickly the turnaround between exploit announcement and the use of said exploit in a high-profile attack can be: a vulnerability patched in March, with a public exploit shown in April, was used worldwide in early May.
Network segmentation is the practice of dividing a formerly 'flat' network [where every device can contact every other device] into a series of segments that have restricted communication between them.
Egress filtering counteracts situations when the attacker is either seeking to sniff internal traffic that may be leaking outside the gateway or to provide a block against [and potentially notification of] so-called C2 traffic generated when an attacker has succeeded in infecting a system. Once egress filtering is put in place, your network will be far safer, and a much harder target for most attackers.
Happy Patch Tuesday
In today's batch of patches from Microsoft, there are several very important vulnerabilities, but there is one that is specifically critical for users of AlienVault installations.
IDS / IPS / FP / OMG / WTF?
Confused about IDS? Do you wish three experts were just sitting around willing to answer questions about it? Well push policy and sit back because it just happened! Get your questions answered in this "Ask the Experts" Google Hangout. We’ll start off with the basics like implementation; How much IDS do I need? Where do I install it? What can’t IDS do?
AdBlocking and Adblocker Blocking
Most people are familiar with the notion of an adblocker. It's pretty much what it says on the label: a program that blocks ads from showing. They may not, however, be entirely familiar with how adblockers work or what the best kind of adblocker for their use might be.
Default Credentials Considered Harmful
The use of default credentials by vendors is an outdated, dangerous throwback to 20th century practices that has no business being used in today's world. It is this specific antique practice that is directly responsible for the existence of the record-breaking denial-of-service botnet recently used to censor Brian Krebs and the similar attack on OVH - these botnets only exist because default credentials were implemented on devices, in flagrant violation of best-practices when building appliances.
Shadyware - Fuzzy and Grey like a Cat, not a PUP
I’d like to pose a question: What's the difference between malware and legitimate software? The line between malware and legitimate software can sometimes be a very fuzzy and grey one.
Beginner’s Guide to IDS, IPS and UTM - What’s the Difference?
There is often a lingering and general confusion over the acronyms IDS and IPS, and how they are like or unlike UTM software modules. Everyone likes primers and simple descriptive definitions; so let’s take a look at IDS, IPS and UTM through that lens.