News & Publications

Title Date

How to Protect Your Business from a Cyber-Attack

Cross Posted from ITProPortal

In today's digital world, cyber attacks are inevitable and businesses must protect themselves accordingly.

Cleanrooming Legacy Systems

The WCry worm threw into sharp relief how quickly the turnaround between exploit announcement and the use of said exploit in a high-profile attack can be: a vulnerability patched in March, with a public exploit shown in April, was used worldwide in early May.

Network Segmentation

Network segmentation is the practice of dividing a formerly 'flat' network [where every device can contact every other device] into a series of segments that have restricted communication between them.

Egress Filtering

Egress filtering counteracts situations when the attacker is either seeking to sniff internal traffic that may be leaking outside the gateway or to provide a block against [and potentially notification of] so-called C2 traffic generated when an attacker has succeeded in infecting a system. Once egress filtering is put in place, your network will be far safer, and a much harder target for most attackers.

Happy Patch Tuesday

In today's batch of patches from Microsoft, there are several very important vulnerabilities, but there is one that is specifically critical for users of Alienvault installations.



Confused about IDS? Do you wish three experts were just sitting around willing to answer questions about it? Well push policy and sit back because it just happened! Get your questions answered in this "Ask the Experts" Google Hangout. We’ll start off with the basics like implementation; How much IDS do I need? Where do I install it? What can’t IDS do?

AdBlocking and Adblocker Blocking

Most people are familiar with the notion of an adblocker. It's pretty much what it says on the label: a program that blocks ads from showing. They may not, however, be entirely familiar with how adblockers work or what the best kind of adblocker for their use might be.

Default Credentials Considered Harmful

The use of default credentials by vendors is an outdated, dangerous throwback to 20th century practices that has no business being used in today's world. It is this specific antique practice that is directly responsible for the existence of the record-breaking denial-of-service botnet recently used to censor Brian Krebs and the similar attack on OVH - these botnets only exist because default credentials were implemented on devices, in flagrant violation of best-practices when building appliances.

Shadyware - Fuzzy and Grey like a Cat, not a PUP

I’d like to pose a question: What's the difference between malware and legitimate software? The line between malware and legitimate software can sometimes be a very fuzzy and grey one.

Password Paste Prevention: Security Friend or Foe?

Password managers help secure the sites that allow them to be used – providing protection from both their own users, who historically choose weak credentials when forced to memorize them, and from the users' other accounts on other sites that might have been breached. If this functionality offers so many benefits, why would any site want to disable password managers?

Beginner’s Guide to IDS, IPS and UTM - What’s the Difference?

White Paper

There is often a lingering and general confusion over the acronyms IDS and IPS, and how they are like or unlike UTM software modules. Everyone likes primers and simple descriptive de nitions; so let’s take a look at IDS, IPS and UTM through that lens.More Info