Recently in Log Management Category


Not so long ago, I remember that talking about information security management raised a lot of eyebrows; it was something of a black art, kind of like UNIX administration.
But in today's world, Cyber Security has recently received enough attention from the White House, Congress, the military, and law enforcement, not only in the U.S. but across the globe, that discussing the need for Cyber Security and Information Security Management in the public and private sectors is no longer considered a foreign topic or a dark art. Risk Management and Information Security Management are now interwoven into the COBIT and ITIL IT frameworks.

At the NJTC meeting yesterday at the Forsgate Country Club, we met a diverse group of parties interested in our solutions to support their Information Security Management Program, from Audit and Financial executives to IT Management. Our solutions provide a means to help IT and Data Owners identify the threats and risks to their business processes in these times of round-the-clock international electronic business transactions. Situational awareness of today's highly complex distributed IT Service environments is no longer simply a nice-to-have but a necessity for the survival of digital business transactions against a world of distributed botnets and pre-zero-day vulnerabilities.

I would like to thank the NJTC for giving us the ability to reach out to so many different businesses operating across the State of New Jersey, and those that stopped by simply to hear what our solutions have to offer their Business Services.


HP Software Universe 2009


Last day here at HP Universe in Hamburg, talking about integrating Information Security Management more closely into the enterprise architecture and the system development life cycle. Enterprise frameworks, including the new NIST guideline Special Publication 800-37 Rev. 1 with its six-step Risk Management Framework, ITIL V3, and COBIT 4.1, call for information security to be closely aligned with the enterprise for effective Risk Management.

We have been talking about the new standards and guidelines concerning the harmonization of IT and Information Security Governance. With the integration of netForensics Sim One information security management enterprise software, HP uCMDB, and HP Operations Manager Software, we can provide the proof that IT Operations Management and Information Security Management are working on the same vision of Domain Services for continual monitoring of enterprise services. This gives IT Operations and Information Security the ability to monitor the effectiveness of the control environment, promoting near real-time risk management.

If you're looking for solutions to help you make risk-based decisions about the organizational information systems supporting your core missions and business functions, we already have them.





The mission and function of the task force will be to provide advice to the Attorney General for the investigation and prosecution of cases of bank, mortgage, loan, and lending fraud; securities and commodities fraud; mail and wire fraud; retirement fraud; tax crimes; false claims; unfair competition; discrimination; and other financial crimes and violations.

Federal Register Executive Order 13519--Establishment of the Financial Fraud Enforcement Task Force

Bankinfosecurity.com's article outlines the comments made by the Attorney General's Office:

"That the nation faces unprecedented challenges in responding to the financial crisis that has gripped the economy for the past year. Mortgage, securities and corporate fraud schemes have eroded the public's confidence in the nation's financial markets and have led to a growing sentiment that Wall Street does not play by the same rules as Main Street."

In the recent Brazilian power outage events, even an implied weakness in the controls of critical infrastructure could be used to undermine financial stability in markets, subverting the controls that are involved in financial trading. There have been conflicting reports about whether the outage was caused by an attack on the controls of its dam's systems. Employees and contractors of the system complained that their pay checks and statements had been modified to include a message from the attackers.

With all of this talk of financial fraud and critical infrastructure vulnerabilities, I could not help but be reminded of the 1983 movie Superman III, where Robert Vaughn's character says "Computers rule the world today and the fellow that rules the computer, rules the world." and Richard Pryor hacks into secret defense systems to ruin the coffee crop for the next 5 years (Superman III: Tornado Scene).

While it all may seem very tongue-in-cheek and somewhat unrealistic, the simultaneous collapse of the financial markets due to fraudulent transactions combined with the failure of major SCADA systems would have a serious effect on a nation's stability. In 2002 the U.S. Naval War College conducted a study that concluded it would probably take about 5 years and cost about 290 million dollars to plan a significant electronic attack.

Digital Steganography: The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves.

Infosectoday's article, "Digital Steganography: Threat or Hype?" by James E. Wingate, in summary:
Use of steganography will never be detected if no one ever looks for it.

Oct 24, 2008 - "Futures halted as trading enters 'panic mode'", The Financial Post


netForensics' recent acquisition and debut of its Cinxi SIEM/Log Management Appliances was revealed at the RSA Security Conference in San Francisco. Cinxi's ability to jump start an Information Security Program was well received by attendees looking to meet Information Security Governance and Regulatory Compliance Requirements by getting their Security Event Management, Log Management, and Incident Response Management under control.

Cinxi's effective and efficient Security Analyst UI is built so that an IT Operations team, NOC, or SOC can quickly start using an intelligent workflow for identifying and managing incidents, while dynamically identifying and building Asset Management Information, Network Topology design, and the Security Control Environment that protects them. Cinxi provides a sensible and easy-to-use Log Management facility that maintains and secures all raw events for audit and compliance requirements.

Cinxi's full-featured SIEM and Log Management software, superior sustainable EPS rates, and sensible storage management for appliances outperform all of its competitors in usability and performance while maintaining a price that its competitors cannot match.




From the English Parliament to CBS News and the April Fools' Day announcements, Conficker botnet infections have gained media attention. Microsoft and most of the security industry have been reporting the urgency of addressing this issue since before Nov. 2008. We have been reporting on this issue since our blog space began. Below are some links addressing detection and removal of Conficker. However, it is not only the one backdoor botnet infection that you need to fix; it is also any other code that may have been installed, or information that may have been communicated, after the first beachhead was established. The best thing to do is to follow Microsoft's advice on virus and worm outbreaks: save what you can and re-image the OS and applications back onto your PC.

Below is a list of removal and detection resources:

1) IT RISK SPACE

2) eEye offers a Free Conficker Scanner

3) McAfee Threat Center

4) Trend Micro House Call

© 2010 netForensics, Inc