With more business applications moving to the cloud, the ability to assess network behavior has changed from a primarily systems administration function to a daily security operations concern. And whilst sec-ops teams are already familiar with firewall and network device log tools, these can be of limited used in a “cloud first” business where much of the good traffic that occurs is hard to distinguish from potentially risky traffic.
The purpose of this series of blogs is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. Your progress will depend on your funding and priorities, but climbing at a quick steady pace will help secure your environment.
HTTP Response Splitting is a type of attack that occurs when an attacker can manipulate the response headers that will be interpreted by the client. This article goes into details on how this can be abused by an attacker to insert arbitrary headers and the impact of this type of attack.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. Privacy is understandably a concern for all, and for those that are not that bothered and opt-in to give it away, I’m sure they assume it is for monitoring of their activities online. However, in this enterprising case, it appears to go beyond the virtual to physical and not where you would suspect…
Undoubtedly, log management is the heart of any SIEM solution. The more access to logs your SIEM has the better it will be able to perform. Logs help in identifying who attacked your organization and how these malicious actors penetrate your corporate network. By logging all the vital information related to network devices and other critical systems, you will be able to get a deeper insight into your organization’s cybersecurity posture.
Every week, the AT&T Chief Security Office produces a set of videos with helpful information and news commentary for InfoSec practitioners and researchers. I really enjoy them, and you can subscribe to the Youtube channel to stay updated. This is a transcript of a recent feature on ThreatTraq. Watch the video here.