Analytics
11/28/2011
01:34 PM
Dark Reading
Dark Reading
Slideshows
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Slide Show: 10 Tips And Best Practices For Becoming A Data Security Detective

Tips from security insiders on gathering and analyzing security intelligence and identifying new threats, as well as APT attacks
Previous
1 of 10
Next


Until recently, IT security technicians spent much of their time managing passwords, access lists, and firewall configuration tables. Today, however, the role of the security pro has shifted radically toward threat analysis, forensic investigation, and incident response. The modern data security professional is increasingly asked to be skilled in roles such as first responder, malware researcher, log file analyst, and threat evaluator.

On October 20, 2011, InformationWeek and Dark Reading hosted an all-day virtual event, where experts offered detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. Several best practices emerged from the event, including the following tips from security insiders.

Keynote speaker FBI Special Supervisory Agent (SSA) Melissa Horvath, from the Bureau’s Cyber Division, Cyber Criminal Unit 1, emphasized the importance of understanding how and why criminals perpetrate financial crimes, and explained the inner workings of financial fraud cases involving electronic money transfers.

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVE-2012-1317
Published: 2014-04-23
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

CVE-2012-1366
Published: 2014-04-23
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVE-2012-3062
Published: 2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

CVE-2012-3918
Published: 2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

Best of the Web