Blog Posts Tagged with "Firewalls"


The Myth of Defense in Depth

January 25, 2012 Added by:Rafal Los

There are two parts to the idea of defense in depth - there is the concept and the implementation. It's easy to talk about the concepts behind defense in depth - but to implement them effectively in today's technology landscape... well that is an entirely different cup of tea...

Comments  (5)


Snort and SCADA Protocol Checks

January 25, 2012 Added by:Brent Huston

There are a wide variety of open source tools that can be leveraged around Snort, making it a powerful approach to visibility. Having people in the industry who know how the systems Snort work allows for better development of signatures for nefarious issues...

Comments  (0)


Common Errors in Firewall Configurations

December 06, 2011 Added by:Christopher Rodgers

With the "ANY" port accessible vulnerability, clear text protocols could be used when both a secure and less secure clear text service are running on the same system, and vulnerabilities found for specific services such as SMB could be launched against vulnerable machines...

Comments  (0)


A Checklist for Customer Cloud Security

December 06, 2011 Added by:Ben Kepes

In our cloud security whitepaper we spent time talking about why Cloud Computing is potentially more secure than traditional models of IT delivery while at the same time pointing out the fact that there’s still security issues that organizations need to think about when using Cloud...

Comments  (0)


ACL Complexity and Unknown Vulnerabilities

November 21, 2011 Added by:Brett Scott

If the only way to tell if the ACLs are properly configured is to use another detection mechanism that is capable of identifying improper traffic and nobody had anything like that on their networks, then how many networks are completely vulnerable and do not know it?

Comments  (1)


How to Plan Security and Meet Your Compliance

October 27, 2011 Added by:Gabriel Bassett

If you feel a bit lost with what tools you have in your (defenses, sensors, response) toolbox, you're in luck! The good news is the toolbox is already sitting on your hard drive. The bad news is, it's your compliance controls...

Comments  (0)


Security - Stupid Is As Stupid Does

June 12, 2011 Added by:J. Oquendo

With so much being spent on security - Firewalls, Intrusion Detection Systems, Intrusion 'Prevention' Systems, Intrusion 'Tolerance' Systems, Data Loss Prevention, Certified Security Professionals, Standards, Guidelines, and the list goes on, why are these companies failing?

Comments  (18)


Using the Shun Command on the PIX/ASA

May 18, 2011 Added by:Global Knowledge

One command that had a fairly long history first with the PIX Firewall and now the ASA is the shun command. In this post we’ll examine this command’s history, why it’s useful, and its new-found resurgence in threat detection implementation...

Comments  (1)


Data Loss Prevention: Less Flip this Week

April 14, 2011 Added by:Ron Lepofsky

Data leakage prevention technology tackles both data at rest residing within a network and specifically on disk storage and of course when data is in motion. Vendors of these technologies vary in what elements of the problem they wish to tackle. Some try to solve all possible problems...

Comments  (0)


Analysis Shows Firewalls Fail to Deliver as Promised

April 12, 2011 Added by:Headlines

Three of the six firewalls failed to stay operational when subjected to stability tests, five out of six didn't handle what is known as the Sneak ACK attack. According to NSS Labs, the performance claims presented in the vendor datasheets are generally grossly overstated...

Comments  (2)


Companies Spend More on Coffee Than Web App Security

February 10, 2011 Added by:Headlines

A recent report by the Ponemon Institute, Cenzic and Barracuda Networks has produced a startling statistic: eight-eight percent of companies surveyed indicate they spend more on coffee than they do on securing Web applications...

Comments  (1)

Page « < 1 - 2 - 3 > »