Friday, January 29, 2016

SOAP/WCF...just die already!

To paraphrase Walter White's son in the TV show Breaking Bad, "just die" SOAP & WCF.

While RESTful and JSON APIs are not a silver bullet, they are certainly better than SOAP & WCF.

I am sure that AJAX and XML will live on, but SOA needs to pass the torch.

Thursday, January 28, 2016

WAF/MDM/2FA/CAPTCHA/DLP/SSL/... Bypass

It is extremely important to test out the effectiveness of your compensating controls.

Many organizations have rested on their laurels after implementing one of the tools above only to experience a data breach.

A cynic might say that this is the difference between compliance and information security.

Wednesday, January 27, 2016

More Than SIEM (VSOC, SOC) - Threat Intelligence

In contemporary times it is no longer enough for an organization to simply collect data in a SIEM (on-premise, cloud/VSOC, SOC).

This data must be analyzed and correlated with national, industry, and association-based threat intelligence to determine attack vectors and action items.

In other words, it is essential for us to move beyond security compliance to stop subsequent data breaches.
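The correlation step described above, as an added example that is not part of the original post. The feed entries, event format, field names, and addresses (documentation ranges) are all constructed for illustration.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed threat-intelligence feed (documentation ranges, not real indicators).
INTEL_FEED = [
    {"indicator": "203.0.113.0/24", "source": "national-cert", "vector": "credential stuffing"},
    {"indicator": "198.51.100.7", "source": "industry-isac", "vector": "web shell C2"},
]

# Constructed SIEM events: timestamp followed by key=value fields.
SIEM_EVENTS = """\
2016-01-27T09:14:02Z host=vpn01 src=203.0.113.45 action=login_failed user=alice
2016-01-27T09:14:05Z host=vpn01 src=203.0.113.45 action=login_failed user=bob
2016-01-27T09:20:11Z host=web02 src=192.0.2.10 action=http_get user=-
2016-01-27T09:31:40Z host=web02 dst=198.51.100.7 action=outbound_conn user=www-data
2016-01-27T09:32:00Z host=db01 src=not-an-ip action=login_ok user=carol
"""

def parse_event(line):
    """Split one event line into a timestamp plus key=value fields."""
    ts, *pairs = line.split()
    event = dict(p.split("=", 1) for p in pairs if "=" in p)
    event["ts"] = ts
    return event

def correlate(events_text, feed):
    """Return {host: [hit, ...]} for events whose src/dst matches a feed indicator."""
    networks = [(ipaddress.ip_network(e["indicator"], strict=False), e) for e in feed]
    hits = defaultdict(list)
    for line in filter(str.strip, events_text.splitlines()):
        event = parse_event(line)
        for field in ("src", "dst"):
            try:
                addr = ipaddress.ip_address(event.get(field, ""))
            except ValueError:
                continue  # missing or malformed address: nothing to match
            for net, entry in networks:
                if addr in net:  # single IPs in the feed are treated as /32 networks
                    hits[event["host"]].append({**entry, "ts": event["ts"], "field": field, "ip": str(addr)})
    return dict(hits)

def action_items(hits):
    """Group hits per host and attack vector into items for an analyst to review."""
    items = []
    for host, host_hits in sorted(hits.items()):
        counts = Counter((h["vector"], h["source"]) for h in host_hits)
        for (vector, source), n in sorted(counts.items()):
            items.append(f"{host}: {n} event(s) match '{vector}' intel from {source}")
    return items
```

Matching on both `src` and `dst` matters here: the inbound hits point at an attack vector, while the outbound hit on `web02` points at a host that may already be compromised.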

Tuesday, January 26, 2016

DDoS Prevention: Build vs Buy

In light of the recent DDoS attacks against the Irish government, it is prudent that organizations take steps to prevent DDoS attacks.

Such attacks may affect either layer 7 or layer 4 of an organization's technology stack, and therefore solutions should be put in place to cover both attack vectors.

Many organizations leverage cloud-based solutions, such as Imperva Incapsula, Cisco OpenDNS, or F5 Silverline. However, an organization can leverage more cost-effective solutions as well, like ModSecurity (with a commercial license from SpiderLabs for layer 7 protections) and iptables (for layer 4 protections).