Holochains (http://ceptr.org/projects/holochain) and other derivatives are making their way into this new ecosystem.
It seems that IoMT and other tech that requires firmware to have high level of integrity are the best use cases.
Wednesday, May 31, 2017
Thursday, May 18, 2017
Dual of Cloud Silver Bullets: Aporeto vs RedLock
Both are flush w/ cash & both have stormed outta the gate for cloud security.
The question is who is there customer? Many orgs have existing InfoSec investments that could be extended to the cloud via virtual appliances. So, unless cloud security providers (CSPs) bundle these solutions in, I would think that large, Fortune 1000 companies wouldnt be early adopters.
TBD....
The question is who is there customer? Many orgs have existing InfoSec investments that could be extended to the cloud via virtual appliances. So, unless cloud security providers (CSPs) bundle these solutions in, I would think that large, Fortune 1000 companies wouldnt be early adopters.
TBD....
Monday, May 15, 2017
Ransomware & Incident Response: Thoughts from WannaCry, WannaCry2, & WannaCrypt0r
Lots of content has been created for detecting & dealing with ransomware; however, these past few days have seen a flurry of different attacks & thus require some specific after-action reports (AAR).
So, here are some observations / thoughts / notes:
So, here are some observations / thoughts / notes:
- Many orgs do not have the budget to ward off ransomware, including:
- Advanced threat protection (ATP) via: EDR, UBA / UEBA, UTM / NGFW / NGIPS / NGIDS
- Virtualization to segment legacy tech: SDN, SDS, hyperconvergence
- SIEM & TI
- SETA & CSIRT awareness notifications were slow & ineffective
- Close the patching gap....no more excuses
- We'll see this level of pandemic / infestation again...this is just a start.
So, folks will see this level of attack again & its up to them to be proactive & respond accordingly.
Labels:
ATP,
CSIRT,
EDR,
infestation,
NGFW,
NGIDS,
NGIPS,
pandemic,
ransomware,
SDN,
SDS,
SETA,
UBA,
UEBA,
UTM,
virtualization,
wannacry,
wannacry2,
wannacrypto
Monday, May 8, 2017
CISO Leadership Academy is Coming Soon
Watch out for the CISO Leadership Program, which will formally start this June....
Subscribe to:
Posts (Atom)