Friday, June 10, 2016

Deception in Depth Conference

Here's the link for the next "Long Island Security Group" meetup. This month's topic is "deception technology".

We'll be having all the big names in the deception field presenting on their technology and explaining why deception techniques are needed for security professionals protecting their networks today.  Hackers don't play fair, neither should you. Hope to see you there! http://www.meetup.com/Long-Island-Security-Group/events/231725055/



Wednesday, June 8, 2016

Random Raymond Reddington Quote


Cloud WAFs Can Improve Application Security

Here's an article I wrote for TechTarget's "SearchCloudSecurity" edition on the benefits of using a cloud WAF within your organization. There are numerous benefits to implementing a WAF in the cloud, which I cover in more detail at the link below. Here are my thoughts on the technology and why it's a good idea to have this service pushed to the cloud.

http://searchcloudsecurity.techtarget.com/tip/How-cloud-WAF-implementations-can-improve-application-security

Tuesday, June 7, 2016

How Microsegmentation Gives You Better Network Security

Here's an article I wrote for CloudPassage on how micro-segmentation allows for more control and better security throughout your network. Not having to go north/south in your network for security controls allows for a more flexible, agile and secure network.

https://blog.cloudpassage.com/2016/06/07/why-you-need-microsegmentation/

Monday, May 23, 2016

The Failed Decision of Weaponizing Drones

There comes a time in a decision-making process where you end up standing miles away from where you thought the answer to your initial decision was going to take you. It’s not a sudden thing; it slowly moves you away from where you thought you would have been before the decision. It’s like turning around, seeing where you started miles away in the distance, and not realizing how or when you got where you’re standing.

I feel many times this is how the American public feels about drone warfare. At what point did this technology turn from something used for surveillance during times of true war into a personal squad of borderless and warrantless killing machines? When did we accept the right to become judge, jury and executioner in a conflict that we’re not only fighting in, but also antagonizing? When will we realize that by destroying tribes of people in an unsanctioned war we’re not making our lives any easier, but only swatting the hive for future attacks?

The “table-turning test” is a true example of eating your own ethical dog food. If we had people within our borders attempting to do other countries harm in a physical way, but they were melted from the sky by a third-party country before they were able to, America would cause a full-out war. I understand the need to protect our country, I understand the love of one’s country and wanting to defend it, but I still can’t understand the murder that we’re causing across the globe without a second thought. By loving one's country we should be concerned with how we deal with conflict in general and not just trying to eliminate conflict with more aggression.

At what point in time will the American public look back and realize that not only are foreign enemies being targeted, but anyone who’s considered an enemy of the state? With mass surveillance already in place, the next natural step to keep order and monitor civilians would be using an unseen force that can be deployed from anywhere, to anyplace and without detection. My concern is that the future of this type of mindset, the assassination of enemies with technology without thinking twice, would continue to dredge down to a local level. I know there’s been talk about protecting civilians from this type of abuse, but that’s only because they know how far an idea can spin away from them. If this happens, the American public will turn around looking for their initial answer to their decision on drone warfare and, instead of seeing in the distance where they started from, they’ll only see the charred earth of their starting point.



Tuesday, May 3, 2016

Data Deception As A Defense

Let’s get something out before we start here – deception isn’t an active blocking technology. It’s not going to stop attackers from breaking into your network and it sure isn’t going to proactively stop attacks from occurring. With that being said, you need it, maybe more than ever. Why is that? Because your defenses aren’t working, and using deception in your network gives you the best opportunity to control the damage post-breach. With deception, you write the rules and lay traps for attackers as they actively scour for your data. It’s much harder to bypass deceptive technology when the decoys mimic genuine data or systems. The bad guys only have to mess up once and the trap is sprung.
We see attackers use deception all the time: spoofing, stolen accounts, phishing, rootkits, etc. (to name a few), so why aren’t we using similar tactics to confuse and misdirect them from stealing our data? There are many different types of deception, but for this article we’re focusing on data deception. In order to lay a trap for an attacker using deception in your data you must first understand your data. The first rule of deception is laying a trap that looks real. If the decoys don’t look genuine you’re not fooling anyone, and this will spook experienced attackers into hiding deeper in your network. If you’re using deception to protect data you need to ask yourself these three questions before laying decoys:
  1. What is your sensitive data?
  2. Where is your sensitive data?
  3. Who has access to sensitive data?
Read more of my article on IdentityFinder's blog and get a better understanding of how to use data deception to protect your assets: http://www.identityfinder.com/blog/attackers-dont-play-fair-neither-should-you/#more-1601
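
To make the "decoys must look real" rule concrete, here is an added example (not code from the linked article): it derives decoy account numbers that pass the same Luhn format check as genuine ones, then flags any log line that touches a decoy. The secret, record ids, log format and sample log lines are all constructed assumptions.

```python
import hashlib
import hmac

# Assumption: a per-deployment secret so decoy values are reproducible but not guessable.
SECRET = b"constructed-demo-secret"

def luhn_check_digit(partial: str) -> str:
    """Return the Luhn check digit for a string of digits."""
    total = 0
    for i, ch in enumerate(reversed(partial)):
        d = int(ch)
        if i % 2 == 0:  # every second digit, starting next to the check digit
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return str((10 - total % 10) % 10)

def luhn_valid(number: str) -> bool:
    return number.isdigit() and luhn_check_digit(number[:-1]) == number[-1]

def make_decoy(record_id: str) -> str:
    """Derive a 16-digit, Luhn-valid decoy account number from a decoy record id."""
    digest = hmac.new(SECRET, record_id.encode(), hashlib.sha256).hexdigest()
    body = "4" + str(int(digest, 16)).zfill(14)[:14]
    return body + luhn_check_digit(body)

def find_decoy_hits(log_lines, decoys):
    """Return (line_number, user, record_id) for each log line containing a decoy value."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        for number, record_id in decoys.items():
            if number in line:
                user = line.split("user=")[1].split()[0]
                hits.append((n, user, record_id))
    return hits

# Decoy records seeded next to real data (hypothetical ids).
DECOYS = {make_decoy(rid): rid for rid in ("decoy-001", "decoy-002")}

# Constructed sample log: only line 2 touches a decoy.
_d2 = next(n for n, rid in DECOYS.items() if rid == "decoy-002")
SAMPLE_LOG = [
    "2016-05-03T10:01:12 user=alice action=read value=4111111111111111",
    f"2016-05-03T10:02:47 user=svc_backup action=export value={_d2}",
    "2016-05-03T10:03:05 user=bob action=login",
]

if __name__ == "__main__":
    for hit in find_decoy_hits(SAMPLE_LOG, DECOYS):
        print("ALERT decoy touched:", hit)
```

Because no legitimate process has a reason to read a decoy record, a single hit is a high-confidence signal, and the record id tells you which trap was touched.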

Friday, April 29, 2016

Using Geo IP Data to Tighten Rulesets

The ability to geo-block countries is a great way to limit malicious requests from entering your network, or at the very least reduce the footprint of attack from the internet – it’s a great tool to keep in your security toolbox. Take a look at my article for Algosec on using GeoIP data in your firewall to tighten rulesets and increase security.

http://blog.algosec.com/2016/04/using-geo-ip-data-tighten-firewall-rulesets.html