Sourcefire Corporate Blog

I have also some issues with the stacked principle...

2012-04-02T22:57:36.869-04:00

I have also some issues with the stacked principle in the model of which these anti-malware softwares were designed. We need a better collaborative model as an evolving standards.
anti spam service

Hopefully, these new laws will help elevate standa...

2012-03-29T21:14:52.648-04:00

Hopefully, these new laws will help elevate standards against malware via compliance to the new standards.
anti spam service

MacGyver is pretty accurate, but I do spend a dece...

2012-03-28T14:45:34.473-04:00

MacGyver is pretty accurate, but I do spend a decent amount of time yelling at my laptop...

I agree with your main point. Malwares are multi-p...

2012-03-21T21:44:59.253-04:00

I agree with your main point. Malwares are multi-platforms in which they also leverage several platforms as an avenue of attack. They can pass through via email or an infected hardware.
anti spam service

Malwares are the dangerous one we should be aware ...

2012-02-29T00:06:15.396-05:00

Malwares are the dangerous one we should be aware of it

Thanks for the info and sharing

2012-02-29T00:03:59.107-05:00

Thanks for the info and sharing

Security is must. its good to know about this than...

2012-02-29T00:03:10.782-05:00

Security is must. its good to know about this thanks for sharing

Nice Post

2012-02-06T21:15:39.193-05:00

Nice Post

Endpoint security is an approach to network protec...

2012-01-30T00:54:03.704-05:00

Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted.

Thanks.

2011-12-07T00:37:32.068-05:00

Thanks.

Marcos, email us at socialmedia@sourcefire.com wit...

2011-12-05T12:19:29.572-05:00

Marcos, email us at socialmedia@sourcefire.com with your details and we'll get you connected with the right person!

Oooh! Can I have a demo box to play with please? :...

2011-12-05T11:54:16.696-05:00

Oooh! Can I have a demo box to play with please? :o)

marcos

My favorite iteration of the Snort pig was the one...

2011-12-01T15:16:04.431-05:00

My favorite iteration of the Snort pig was the one that very quietly adorned the corner of the snort.org page wearing his Virginia Tech gear showing solidarity to all the were touched by the tragedy. Keep up the great work Chris. (I wonder if it would make a good tattoo?)

It has its advantages depending on the function. S...

2011-11-24T07:02:52.012-05:00

It has its advantages depending on the function. Secure your data as much as possible.

call recording

This may also help http://www.hackersgarage.com/ap...

2011-11-23T13:00:47.980-05:00

This may also help http://www.hackersgarage.com/apache-killer-denial-of-service-flaw-in-apache-webserver.html

I agree that an AP clerk should focus on paying bi...

2011-11-15T15:36:52.591-05:00

I agree that an AP clerk should focus on paying bills, I also believe that security should focus on enabling them to do that securely. When the security hinders them from achieving their goals, as in the sales example, as could be applied to the AP clerk, and to the HR manager, security fails.

Security should not be forced upon users, it should not be a heavy handed authoritarian control, it should not in any way be something they are forced to deal with. Security should be something the user can understand, something they value, and something they feel free to discuss with the experts. Until openness about security happens as a water cooler dialog, nothing imposed upon users is going to be truly successful.

Apathy is a problem that has existed for a long time and should be handled at the business level. In the end, apathetic attitudes towards security aren't the problem. Apathy itself is. If a user is apathetic that will show in all of their actions, not just relating to security. While you will never fully eliminate apathy in an organization, I believe that you can and should identify those users as high risk and target appropriate mitigating controls towards them, without hindering the rest of the business.

Where does apathy fit into your discourse? In my ...

2011-11-15T14:36:12.904-05:00

Where does apathy fit into your discourse? In my experience, that has been the largest people-centric security problem out there. Your average user does not care one iota about the security of their environment. The sales example you give is a good one. The sales rep could be leaking company trade secrets and they simply do not care. In a lot of cases, an infected computer is "free time off" for your average cubicle drone.

I think you give the user base too much credit. For every one employee who is truly hindered from doing their job due to an onerous security control, there are hundreds of users who are a danger to themselves and the network. Security is something that needs to be built into the application. There will always be a trade off between security and usability. A good development team can find the balance, and when in doubt should always err toward security. It might make the users' lives more frustrating, but lets be honest here. If work were all rainbows and unicorns, they would not have to pay us to be there.

Developing tools that "...are made to enhance the abilities of people to secure their environment." only works if people care about securing their environment. Most people do not. That is why security is forced upon them.

And really, that is how it should be. An AP clerk needs to be focusing on paying bills, not securing the computer. The sales rep needs to be focused on meeting customers and closing deals, not securing the computer. The HR manager needs to be focused on retaining top talent and making sure that the benefit packages are adequate NOT .......

Michael - Thanks for the comment, and the compleme...

2011-10-26T11:11:32.527-04:00

Michael - Thanks for the comment, and the complement. In reading your post it's clear that we have similar thoughts on dynamic security intelligence. Like many things in life, admitting that you have a problem is the first step. The "problem" in this case is that threats change too quickly for static defenses.

We are only about halfway into this series, so I hope you check back and offer more comment.

Thanks,
~chris

Chris: Excellent post, and I couldn't agree mo...

2011-10-26T10:46:19.123-04:00

Chris: Excellent post, and I couldn't agree more. We believe intelligence is about capturing the most possible information, and continuously correlating and analyzing it for anomalies. No one can know what the next threats will be or what vulnerabilities they will attack, so a dynamic, real time approach is the only way to go if you're serious about protecting your assets.

I described our view of Security Intelligence in a recent Q1 Labs blog here: http://blog.q1labs.com/2011/08/15/what-is-security-intelligence-and-why-does-it-matter-today/ .

Michael Applebaum, Q1 Labs
http://twitter.com/ma08

Hi Martin, An excellent list of core manifesto it...

2011-10-05T10:32:32.736-04:00

Hi Martin,

An excellent list of core manifesto items. A couple of additional points that might be worth considering:

- Security is about the integrity and availability of assets, systems and processes; security is not just about stopping bad guys.

- Organisations must document their security requirements, normally in the form of policy. Without documented asset protection requirements everything is just a tactical response and you can't win a war with tactics alone.

BenR

You should have constant security updates on your ...

2011-09-28T01:53:14.523-04:00

You should have constant security updates on your username and passwords.
US VPN