You are viewing 'Network Security Tips'
How to Use ELK to Solve Your One-off Log Analysis Problems
Performing log analysis with divergent data sets can be the stuff nightmares are made of. If you are lucky, your organization may have only a few dozen different log types throughout your environment. If you perform log analysis as a service, forget about it. There are many fantastic log management solutions on the market today, including our own ActiveGuard service. These solutions have robust log collection, analysis, and search capability. For a comprehensive enterprise log analysis solution they are ideal; however, they require substantial implementation and tuning for your specific environment and are intended for long-term log aggregation and monitoring.
It is not always feasible to stand up one of these solutions on short notice or for a one-off project.
So where does that leave you? Manual log normalization and analysis? Manual techniques do have their...
Partner With Your Security Provider: A Fourth Step in Security
I remember back in the day sitting in a classroom. The teacher would tell us to pick a partner and so we did. We picked our friend, or the person next to us, or the classroom dreamboat. It was simple then, because it wasn’t a terribly difficult task to complete.
As we got older, and hopefully wiser, we were asked to pick a partner to complete a task. This time, with more education behind us, we wanted a teammate that could help us complete the task the best. In other words, we wanted to win. Security Partners want to help you win when securing your environment.
Through a process (whatever it may have been for your organization), you picked your security partner. There are some things you will need to take on together in order to get the best end result. Your partner needs to have the same information you have about your network. This allows a proper customized experience for your specific company and needs. A one-size-fits-all solution doesn’t work as...
As an organization’s security posture grows, a number of responsibilities may fall under the umbrella of information security, whether they are under the direct control of an information security program or delegated to another supporting IT department. One such responsibility is a vulnerability management program.
Vulnerability management is an important part of a matured information security program. At a high level, the objective of vulnerability management is to find and remediate all issues as they are identified. However, as you start examining the matter in-depth, you’ll find that you:
- Need to have a process in place to determine priorities
- Need to have more information than what a vulnerability scanner can provide
- Won’t always be able to fix vulnerabilities; fix what you can and mitigate the rest
As with any good story, we’ll leave that last item for a bit and focus on the top two for now. After all,...
Scan Your Network: A First Step in Security
April 05, 2016 - Posted by Loren Paquette to
This blog is a continuation of the Prevention blog series. The first blog, "Four Tips to Secure Your Network," discussed prevention and four tips to immediately help secure your network. This blog, the first of four steps to assist with security, discusses ways to scan your network. Links to the other blogs will be provided as they are posted!
Network and security teams often disagree about security. In almost every company, the teams will debate about different security options and which methods are better. The conversation often goes something like this:
Network Team: Why does the security team always need to have access to the network?
Security Team: Why can’t we get access to the network to perform scanning activity?
Network Team: It is a pain...
Four Tips to Secure Your Network
The word itself, prevention, sounds very simple. We hear it all the time and yet each day we forget how important that one word is. Smokey the Bear says, "Only you can prevent forest fires." We remember that, even more so, when we visit our National Parks and see the char from a previous fire. We are told to maintain our vehicle to prevent future problems. Brush your teeth to prevent cavities. And so on. I am sure you hear the word several times a day, without even noticing.
In the IT security world, security is 80% prevention. How, you ask? Updated software, patched software, and other security measures PREVENT most of the bad things from happening to your network. How do we go about this?
1. Scan your network
You need to know what devices are on your network, where they are...