Developing a Strong Application Security Program: Part 1

Michael Born

August 18, 2016 - Posted by Michael Born to Security Insight

InfoSec Employees

As a Security Consultant for NTT Security (US), Inc. Professional Security Services, I have the privilege of witnessing many application security programs. I see programs that work great, are healthy, and handle risk management very well. Then there are programs that have either missed the mark completely, or are healthy but have some maturing to do.

In this blog I’ll be focusing on organizations or development teams that use a more traditional “waterfall” style approach to application development. I’ll attempt to identify traits of a healthy application security program in order to provide ideas for programs that could use some maturing. If your organization uses a more modern “agile,” “iterative,” or “kanban” style of development we will address those specific challenges in Part 2 of the series.

I’m sure many of us have heard that successful... read more >

Packet of Interest

Building a PCAP Record Extractor Using Python

Ramece Cave

August 11, 2016 - Posted by Ramece Cave to Security Insight

About three years ago I wrote an article about building your own packet analyzer in Python. Today we are going to continue down a very similar but different path, this time building a tool that provides another service.

Occasionally, I find myself needing to extract an entire packet from a packet capture (PCAP). The reasoning varies between testing a custom decoder or parser I have written, or including the data in a report, or sometimes just wanting to visualize or structure the data in another way. Packet extraction can be done using Tshark extracting field by field, then reassembling the individual components. The process can be tedious, and probably has a higher error and frustration rate. So whatever can we do; who or what will save the day? Dun dun dun, Python sweeps in over the horizon, wind blowing in its hair, Michael Bolton theme song blasting in the background, swoops to the rescue (dramatic pause), fade to... read more >

Incident Response Preparation

Preventing Incident Response Frustration #WarStoryWednesday

David Biser

August 03, 2016 - Posted by David Biser to Security Insight

Threat Intel

Ever try to chop down a tree with a fork? Any type of skilled labor requires the use of proper tools, and incident response is no different. In my experience as an incident responder, many organizations often lack both the proper incident response tools and staff trained to use those tools. In this war story, we take a look at what that can mean for rapid response and remediation.

Incident Response War Story

In a recent incident response engagement, a victim of a data breach contacted us regarding the loss of credit card data. This company had received a notification from a Federal law enforcement agency, which, during an investigation, had observed the organization’s IP addresses in relation to stolen credit card data. Further investigations showed that the stolen credit card data had been taken from the organization’s network. The notification had little for the organization to go on, which is typical in this type of situation. Yet,... read more >

NTT Group Unifies the NTT Security Businesses to Form NTT Security Corporation

Mike Hrabik

August 01, 2016 - Posted by Mike Hrabik to Security News

NTT Security

I am extremely excited to let you know that NTT Group has unified the NTT security businesses to form NTT Security Corporation, a specialized security company to deliver Managed Security Services (MSS) and security expertise through the NTT operating companies worldwide. NTT Security will combine Solutionary with NTT Coms Security and the managed security services platforms of both Dimension Data and NTT Communications, all of which will be integrated with the security platform of NTT Group’s R&D arm, NTT Innovation Institute. As a result of the merger, the Solutionary company name will change after August 1 to NTT Security (US) Inc. This name change will allow us to present ourselves as a fully-fledged subsidiary of the NTT Group.

The rationale for this merger is quite simple: together we have an improved ability to deliver what our clients and the security industry have long been asking for – an integrated approach to cutting-edge security solutions... read more >

Fine Tuning Your Environment

Order of operations

Loren Paquette

July 28, 2016 - Posted by Loren Paquette to Security Insight

Sometimes, a little old school math can help restore order when it comes to fine tuning your environment. Let me explain.


Software: Specific, as in OpenSSH
Software version: More specific, as in OpenSSH 6.2
Signature: A known pattern that we are looking for. Typically this affects specific software.
Traffic: For our examples, it will be traffic that either matches a pattern or does not.
Event: An alert that says "Look at me!... read more >

The SERT Q2 ‘16 Quarterly Threat Intelligence Report

Shrinking variety of attacks, inside Business Email Compromises, update on ransomware, perspective on China’s new Five Year Plan, and highlights from PCI DSS 3.2.

Jon-Louis Heimerl

July 26, 2016 - Posted by Jon-Louis Heimerl to Threat Intelligence

The Solutionary Security Engineering Research Team  (SERT) released its Q2 2016 Threat Intelligence Report today.

Solutionary observed a flattening of attack types during Q2 ’16. In recent quarters, web applications made up as much as 42 percent of observed attacks. In Q2 ’16, web application attacks made up 24 percent of such attacks. The top three attack types – web-application... read more >

Advancing Information Security Knowledge: Part 2

Learning from a Mentor

Bryan Pluta

July 21, 2016 - Posted by Bryan Pluta to Security Insight

Board Meeting

In information security, there are so many career niches, so many new information security topics and technologies and so many evolving cyberattacks and breaches. To keep up with the rapidly changing information security field, you can never stop learning. One fantastic method to become more educated is to find a mentor.

How do you find a good mentor?

A good mentor is someone who has patience and is able to explain complex topics in a multitude of different ways to ensure everyone is able to understand. One of the best places to look for a mentor is at your current place of employment. Many people have senior individuals where they are employed that have been in the field for years and can explain highly complex topics. If there is a senior person where you work, try asking them if you can shadow them when they perform specific tasks that you want to learn more about. You can also ask if they can set aside time on a weekly or monthly... read more >

<< Newer Entries | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)