Analytics
11/28/2011
01:34 PM
Dark Reading
Dark Reading
Slideshows
50%
50%

Slide Show: 10 Tips And Best Practices For Becoming A Data Security Detective

Tips from security insiders on gathering and analyzing security intelligence and identifying new threats, as well as APT attacks
Previous
1 of 10
Next


Until recently, IT security technicians spent much of their time managing passwords, access lists, and firewall configuration tables. Today, however, the role of the security pro has shifted radically toward threat analysis, forensic investigation, and incident response. The modern data security professional is increasingly asked to be skilled in roles such as first responder, malware researcher, log file analyst, and threat evaluator.

On October 20, 2011, InformationWeek and Dark Reading hosted an all-day virtual event, where experts offered detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. Several best practices emerged from the event, including the following tips from security insiders.

Keynote speaker FBI Special Supervisory Agent (SSA) Melissa Horvath, from the Bureau’s Cyber Division, Cyber Criminal Unit 1, emphasized the importance of understanding how and why criminals perpetrate financial crimes, and explained the inner workings of financial fraud cases involving electronic money transfers.

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7896
Published: 2015-03-03
Multiple cross-site scripting (XSS) vulnerabilities in HP XP P9000 Command View Advanced Edition Software Online Help, as used in HP Device Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Tiered Storage Manager 6.x through 8.x before 8.1.2-00, HP XP P9000 Replication Manager 6.x and 7.x before ...

CVE-2014-9283
Published: 2015-03-03
The BestWebSoft Captcha plugin before 4.0.7 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

CVE-2014-9683
Published: 2015-03-03
Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

CVE-2015-0656
Published: 2015-03-03
Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCum81269.

CVE-2015-0890
Published: 2015-03-03
The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.