We are pleased to put the finishing touches on our Denial of Service (DoS) research and distribute the paper. Unless you have had your head in the sand for the last year, you know DoS attacks are back with a vengeance, knocking down sites both big and small. It is no longer viable to ignore the threat, so we all need to think about what to do when we inevitably become a target.
Now that we have gone through all the preparation, deployed the technology, and set up policies, we need to operate our patch management environment. That will be our focus in this post. As we discussed in the Policy Definition post, there isn’t a huge amount of monthly leverage to be gained for patch management. You need to do the work of monitoring for new patches, assessing each new patch for deployment, testing the patches prior to deployment, bundling installation packages, and then…
Yesterday was Election Day in the US. That means hundreds of millions of citizens braved the elements, long lines, voter suppression attempts, flaky voting machines, and other challenges to exercise our Constitutional right to choose our leaders. After waiting for about 3 hours in 2008, I got smart and voted early this year. It took me about 45 minutes and it was done.
In the Introduction to the Early Warning System series, we talked about the increasing importance of threat intelligence for combating advanced attackers by understanding the tactics they are using right now against our defenses. With this intelligence, combined with information about what’s happening in your environment, you can more effectively prioritize your efforts and make better, more efficient use of your limited security resources.
We are pleased to announce the release of our white paper on securing big data environments. This research project provides a high-level overview of security challenges for big data environments. We cover the ways big data differs from traditional relational databases, both architecturally and operationally. We look at some of the built-in and third-party security solutions for big data clusters, and how they work with – and against – big data installations. Finally, we make a base set of…
So far we have focused on all the preparatory work and technology deployment that needs to happen before you can finally flip the switch and start using an endpoint security management tool in production. With the pieces in place it is now time to configure and deploy policies to prepare for the inevitable patch cycles, and to start monitoring configurations on your key devices. The first major choice is between the Quick Wins and Full Deployment processes – Quick Wins is focused on information…
My kids love Halloween. They obsess about their costumes for weeks ahead of the big day. They go back and forth with their friends to coordinate their looks. Sometimes it works (XX2 will be a candy corn with all her friends), sometimes it doesn’t (XX1 couldn’t gain consensus amongst her friends). They love to collect all sorts of candy they won’t eat and await the sugar rush when we let them partake in a few after trick or treating. They like to swing by the awesome haunted house in the…
Getting ahead of the attackers is the holy grail for security folks. A few years back some vendors sold their customers a bill of goods, claiming they could “get ahead of the threat.” That didn’t work out so well, and most of the world appreciates that security is a reactive situation. The realistic objective is to reduce the time it takes to react. We call this React Faster and Better. The foundation of the philosophy is an effective incident response process. But you can shrink the window of…
By this point planning should be complete. You have designed your patch and configuration management processes, defined priorities to manage the devices in your environment, figured out which high-level implementation process to start with, discovered the devices in your environment, and performed initial testing to make sure the new technology doesn’t break anything. Now it’s time to integrate the patch and configuration management tools into your environment. Enough of this planning stuff,…
As we described in the Introduction to Implementing and Managing Patch and Configuration Management, endpoint hygiene is key to endpoint security management. With the product (or service) in hand, it’s time to get the technology implemented and providing value as quickly as possible. You know the old saying, “if you fail to prepare, you prepare to fail.” It’s actually true, and the preparation in this situation involves ensuring your processes are solid, defining device coverage and roll-out…