From Paul's Security Weekly
User behavior analytics wins and fails, the top 10 emerging security vendors (according to some), and virtually testing your network, all that and more so stay tuned!
Enterprise Security News
- http://www.prweb.com/releases/Intel/McAfee/prweb13578655.htm - This sounds neat: Installs as a “non-routing” (OSPF, BGP) router to monitor for real-time changes to the network address space/routing table in use and an interesting integration eith ePO.
- http://venturebeat.com/2016/07/26/safebreach-raises-15m-to-test-companies-cybersecurity-smarts-from-a-hackers-perspective/?utm_campaign=Feed%3A%2Bventurebeat%2FSZYF%2B%28VentureBeat%29&utm_medium=feed&utm_source=feedburner - Founded in 2014, SafeBreach serves as a virtual hacker of sorts, generating “war games” to analyze the impact of attacks on a company’s systems and the efficacy of its defenses. This essentially lets any organization see how it would cope when faced with a real-life attack. interesting concept, though better to have a real attacker do this and give you the results? I think we call that penetration testing...
- http://www.crn.com/slide-shows/security/300081458/10-security-emerging-vendors-you-need-to-know-about.htm - We talk about many of these companies on the show! I hope to be able to visit all of them at Blackhat this year...
- http://www.itbusinessedge.com/blogs/it-unmasked/niara-applies-behavioral-analytics-to-identify-ransomware-attacks-sooner.html - Not sure how user behavior analytics can help with Ransomeware...
- http://www.4-traders.com/news/Gurucul-Integrates-with-Okta-to-Detect-and-Respond-to-Cloud-Access-and-Identity-based-Security-Th--22760560/ - This is a neat integration: “Gurucul’s ability to provide Okta with risk-scores on user access and suspicious activity via API integration, enables them to dynamically invoke adaptive multi-factor authentication, block access, provision and deprovision access rights, monitor for privilege access abuse and take other measures to protect cloud applications against stolen account credentials and insider threats,” said Rosanna Pellegrino, vice president of strategic alliances for Gurucul.
- http://www.m2.com/m2/web/story.php/20166008818/text/wcpn - Patent of the week...
- We don't need it, we can have good security and focus on that
- It won't happen to us
- I can do penetration testing internally
- Penetration testing breaks things
- I use a different firm every time so I get different/better results