Dark Reading is part of the Informa Tech Division of Informa PLC


Comments
Why Enterprise Security Teams Must Grow Their Mac Skills
RetiredUser,
User Rank: Ninja
6/12/2017 | 12:38:39 PM
Who Is the Audience Here?
The thing that has always kept me in the security wheelhouse is the amazing range of opportunities.  One reason there are so many opportunities is the great disparity between actual need and "professional"/"Enterprise" offerings.  Much like those who came up in the GNU/Linux world (my involvement with Red Hat implementations in the 90s is how I got into software), security techs are probably just as frustrated as we Linux geeks were with the commercial side of their industry.  That is, on one hand you have the InfoSec underground, lock pickers and code crackers who work regularly on systems of all breeds (from VMS to GNU/Linux to Windows), and you have the "professionals" who often focus on Windows environments.  But whose fault is that?

This article is a call to the "Industry" more than anything.  While Enterprise environments in many sectors may have heavy Windows leanings from infrastructure to end user devices, I don't think the bulk of "true" security professionals need to be told Mac or any other non-Windows device should be the next mastered.  Dedicated InfoSec pros are hacking every known OS under the sun, including embedded OS, router software, etc.  It's unusual to not know tech like OS X and only know Windows when you are passionate about security.  That said, the certificate mills and standard InfoSec security training grounds are not always as diverse, and to be fair many folks who may make good security engineers are only getting one side of the story when they get educated.  Some of this is due to massive software security companies that sell Windows-oriented Enterprise apps.

I think the main message should be not just to move into Mac and OS X mastery and documentation, but to understand InfoSec covers it all.  Windows, AIX, HP-UX, IRIX, GNU/Linux, Mac OS X, BSD, Solaris and OpenVMS at a minimum.  Add on top of that all the custom OS (many of them built on the Linux kernel anyway), such as Cisco IOS.  Let's encourage the exploration of many toolkits, in multiple languages, on multiple systems.  Empowering InfoSec pros in this way will give them a huge advantage against cyber criminals who already know this truth.  Heck, send them out of school not just with their certs but also with a good lock picking kit in their back pocket.  Teach them more and you will get more in return!

   
AnasE928,
User Rank: Apprentice
6/9/2017 | 3:29:07 PM
Mac is coming in the way
Mac is becoming the leading platform for development and designing.
90% of web developers now use Mac devices.
marting123,
User Rank: Apprentice
11/15/2016 | 6:09:25 PM
amazing
Thank you, I've been seeking for info about this subject matter for ages and yours is the best I have discovered so far.
marting123,
User Rank: Apprentice
11/15/2016 | 5:24:24 PM
Amazing
Amazing post, thanks a lot my friend, you've shared me great information which I need, professional! For the enterprise security teams, sure must grow their skills, thanks! Waiting for your update :)
ClaireEllison,
User Rank: Apprentice
11/15/2016 | 4:15:37 PM
Re: amazing
Excellent article plus its information and I positively bookmark to this site. Hi Sarah, thanks for your great article! You shared me the information which I found for a long time, amazing!
ClaireEllison,
User Rank: Apprentice
11/10/2016 | 4:42:33 PM
amazing
Excellent article plus its information and I positively bookmark to this site. Hi Sarah, thanks for your great article! You shared me the information which I found for a long time, amazing!
macooxii,
User Rank: Apprentice
11/9/2016 | 2:09:17 AM
amazing
Hi Sarah, thanks for your great article! You shared me the information which I found for a long time, amazing! You are expert! I have bookmarked your great post and shared into my social network, great! Waiting for your new article, thanks!
Benefiter,
User Rank: Apprentice
11/3/2016 | 10:50:25 AM
Re: From here we got the tips!
Thank you, I've been seeking for info about this subject matter for ages and yours is the best I have discovered so far.
AndreGironda1,
User Rank: Strategist
11/2/2016 | 12:49:03 PM
Mac on the way out, but maybe not iDevice
Haven't you heard the good news? Mac computers are on their way out of the Enterprise. Everyone has shiny, new laptops with 32GB of DRAM or more, but Apple decided to ship the latest MacBook Pro with only 16GB of DRAM. No self-respecting app developer, system administrator, or DFIR professional can stand five minutes on a laptop with only 16GB of DRAM.

Tell me how I'm supposed to acquire memory from a machine with 16G or 32G of DRAM and spin up an equivalently-sized ramdisk on a laptop with only 16G of DRAM? It's NOT PHYSICALLY POSSIBLE. I have to defy physics -- and that's what Apple has done: defied their ability to sell laptops due to the laws of physics.
iDevices will still be around, of course. I do recommend that DFIR and other cyber security professionals up their game when breaking iOS and iOS apps. For example, the Daniel Mayer idbtool should be common knowledge to all experts. Repackaging apps is another huge win. Everyone should get a free version of the LE-version of Cellebrite -- apparently you can, too, now because these tools were leaked online by a reseller!
 
What a magical year for Apple. 2017 is going to be so much pwn

