Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

The Policy Expert: Lan Manager Authentication Level

LAN Manager (LM) is a family of early Microsoft client/server software that allows users to link personal computers together on a single network. Network capabilities include transparent file and print sharing, user security features, and network administration tools. In Active Directory if the Kerberos protocol is not negotiated for some reason, Active Directory will use LM, NTLM, or NTLMv2.

The Policy Expert: Do Not Allow Supported Plug and Play Device Redirection

This policy setting allows you to control the redirection of supported Plug and Play devices, such as Windows Portable Devices, to the remote computer in a Remote Desktop Services session. By default, Remote Desktop Services allows redirection of supported Plug and Play devices.

The Policy Expert: MMS: IP Source Routing Protection Level

IP source routing is a mechanism that allows the sender to determine the IP route that a datagram should take through the network. An attacker could use source routed packets to obscure their identity and location. Source routing allows a computer that sends a packet to specify the route that the packet takes.

The Policy Expert: Maximum Security Log Size

Maximum log size should be set to any kind of event logs, as part of your security policy. This configuration’s value is highly important for detecting attacks and investigating their source. Allocating insufficient storage space will lead to information loss of what happened in the network, therefore breaches could remain undetected.

Why is End-Point Security Important?

Aiming to provide security for end-point users, end-point security is one of the most discussed components of data protection and cyber security. In this article, we will discuss what end-point security is and why it is important for your business. What is an end-point? An end-point refers to a distant device which has back and forth communication with a specific network. Such devices include desktops and laptops, mobile devices like smartphones and tablets, work stations and servers.

Signs of Phishing: Protecting Yourself During the Holidays

I recently wrote about phishing around the holidays and while I was working on the piece, I noticed a couple of friends posting recent emails on Facebook. I thought it might be fun to dig a bit deeper into those emails and look at the telltale signs that indicate these are phishing attempts.

The Chicken & Egg Secret Protection Problem in Micro-services

Alice keeps all her passwords in an Excel file on her desktop. However, she was told it is a very bad practice, since Eve can easily get access to the computer, read the file,and access Alice passwords and accounts. To enhance her security, Alice got a password protection software, KeePass, and she now saves all her passwords safely there – except for her KeePass password, which Alice keeps in an Excel file on her desktop. ‍Good news for Eve...

Is Your Company Suffering from Supplier Stockholm Syndrome?

That phrase came to me many years ago when working on a multi-million pound IT outsourcing deal. We were up to our necks in the finer points of platform-wide and stack-deep security, and I realised we were fighting amongst ourselves more than challenging the final competing vendors. This infighting was partly due to the large amount of IT staff in the room likely to transfer to the winning team and partly due to the view of security controls as a bolt-on extra.