Runtime Application Self-Protection

Runtime Application Self-Protection (RASP) is a technology that embeds security protections (detection, alerting, and mitigation) directly into an application and runs as the application is executed. RASP runs on the server and is touted for its ability to detect and prevent real-time application attacks from within the application itself.

RASP is an automated, self-monitoring technology: it intercepts requests to the application, then analyzes the behavior and the context in which it occurs. If the request is judged valid, it is passed through and the application executes as usual.


Every breath you take

By Katherine Teitler

December 5, 2016

“Insider threat” — it’s a term that gets thrown around a lot in cybersecurity circles. Practitioners want to know who is responsible for attacks and how attacks are being perpetrated so defenses can be appropriately implemented and provisioned. The problem with the term “insider threat,” though, is that different individuals, organizations, and media outlets all have various interpretations for what constitutes an insider threat.


Stronger

By Katherine Teitler

December 2, 2016

Over the past few years the security industry has seen a rise in the number of appointed CISOs. At companies where previously the security team was small, secluded, and likely managed by the CIO, it is refreshing that mention of a CISO is no longer followed by puzzled looks or blank stares. While the position is becoming more familiar within enterprises, it is by no means the norm. Furthermore, despite the presence of a chief information security officer at a company, more likely than not, that person doesn’t hold the same rank as other C-levels. Chief financial, information, marketing, and legal officers, for instance, generally report directly to the CEO, whereas the CISO…well, not so much.


Eye of the Tiger

By Katherine Teitler

November 30, 2016

The All Powerful Breach…or threat thereof. How often do you, as a security practitioner, get asked by a colleague outside of the security team about the viability of a breach at your organization? Is a breach the meter by which security is measured?  


Where is the love?

By Katherine Teitler

November 29, 2016

Depending on your media outlet of choice, the current cybersecurity staffing shortage is either pressing or catastrophic. In either case, a staffing shortage exists and the industry needs to take more proactive steps to look beyond current talent pools to fill open positions, as well as positions that will be created as the industry continues to expand. 


Broadcast Name Resolution Poisoning

Broadcast name resolution poisoning is an attack targeting user credentials as a means to gain further access to corporate networks and data. To initiate the attack, a threat actor buys a generic top-level domain (gTLD) and establishes attacker-controlled entries for the Web Proxy Auto-Discovery (WPAD) protocol. The attacker spoofs domain name resolutions to which victim computers then auto-connect, generally when the end user is connecting to the internet via an external DNS, such as at a hotel or coffee shop. The spoofed domain responds to authentication requests and can capture authentication credentials.


By Marcos Colón

November 23, 2016

Companies of every size collectively spend billions of dollars a year protecting their networks, yet headline-grabbing data breaches still occur. With security incidents impacting companies like Yahoo, LinkedIn, and Friend Finder Networks, and countless breaches affecting small to medium-sized businesses across industries, it may be time for companies to assume they’ve already been compromised.


Good time

By Katherine Teitler

November 23, 2016

MISTI’s Threat Intelligence Summit in New Orleans is just two weeks away, and like the city itself, we’re ready to laissez le bon temps rouler! Threat intelligence is serious business—it helps organizations understand emerging threats and prepare defenses appropriately. In the best case, an organization with a tight grasp on its threat landscape—from threat actors to likely types and methods of attacks—can use intelligence to drive down organizational risk.


Sittin’ on the dock of the bay

By Katherine Teitler

November 22, 2016

Ransomware is just a cyber twist on the age-old crime of taking someone/something hostage and demanding a payout for safe return. Cyber criminals have quickly learned that getting at organizations’ data then deploying malware to encrypt it carries a low technical barrier to entry (as opposed to kidnapping a human). With enough broad-based distribution, doing so yields a favorable return on investment (ROI). Unlike physical crimes of this ilk, ransomware distribution often takes a “spray and pray” approach, targeting a vast number of individuals and/or companies until an attack is successful. The cost for a ransomware distributor to send 1,000 infected phishing emails vs. 100,000, for instance, is nominal.


Pass-the-Hash

Passwords have long been known to be a major information security vulnerability. One of the ways to limit damage in the event of a breach is to “hash” passwords, that is, to cryptographically convert a plaintext password into an irreversible output (the “hash”) that is stored and used in place of the original input. In Windows-based systems, hashed passwords are loaded into the Local Security Authority Subsystem Service (LSASS), the process responsible for user authentication.


I wanna see you be brave

By Katherine Teitler

November 16, 2016

Today, many organizations’ executive teams and boards of directors conflate cybersecurity and risk. Risk management is a broader practice than security alone, but cybersecurity is an increasingly “big ticket item” on boards’ agendas—alongside other more traditional risk discussions—since it’s clear that a major breach can impact the organization in meaningful ways. The concept of risk is newer to security than it is to market expansion, product development, finance, operations, and so on, because cybersecurity, itself, is newer. It is no less important, however, and boards are keen to quantify cyber risk just as they’ve been for other areas of business for decades. 


Threat Intelligence

The term “threat intelligence” has become somewhat of a buzzword in the infosec industry, but for good reason. Threat intelligence, when applied properly, is a game-changer for businesses as they move from chasing the bad guys to learning who they are and how they’re operating before disaster strikes.

Threat intelligence as a practice is not new—it has been used in military operations for quite some time—but within the confines of information security, it’s a new way of thinking and operating. Security and operations teams have been collecting data and information for many years and using it to track incidents, anomalies, vulnerabilities, etc. Information and data, however, should not be confused with “intelligence.”


Ed Moyle, Director of Thought Leadership and Research, ISACA

November 14, 2016

Go to any security conference nowadays, and you’ll find that everyone and their brother (from end users to service providers to vendors) has jumped on the threat intelligence bandwagon. While this is a useful trend, indicative of the fact that organizations are starting to realize that reliable information about threat actors can, when applied judiciously, provide a security benefit, it’s also true that many organizations struggle to make the threat information they obtain actionable as a practical matter.


By Dan Houser

Security Architect & Perspicacious Security Iconoclast

November 10, 2016

A study of recent hacking attacks on corporations makes it obvious that (weak) password credentials are being used both inside and outside organizations, and are frequently the credential protecting remote access to the enterprise and its "crown jewels." Consider one of the most ancient security mechanisms: a visitor's password response to a sentry’s challenge when approaching a checkpoint or encampment. "Halt," cries the security guard, "What is the password?" An overheard passphrase, credentials yelled to sentries on one side of the “wall," shouldn't gain an attacker access through all the walls and into the protected area to see the king, the biggest prize of all. However, this is precisely how modern-day enterprises treat their networks, sensitive data, and proprietary systems.


By Doug Gray

Senior Cyber Architect, Lunarline, Inc.

November 9, 2016

No threat actor ever avoided attacking your system because you marked a control as compliant. So why do so many defenders spend so little time understanding the threat?


SSL Stripping Attack

An SSL stripping attack is an attack on client-server communications in which the attacker intercepts traffic and downgrades the secure protocols that would otherwise encrypt private communication. To initiate an SSL stripping attack, the adversary uses stripping tools like SSLstrip or takes advantage of insecure WiFi hotspots.


Running down a dream

By Katherine Teitler

November 7, 2016

Reading the daily security news, as many in the field do, I came across this quote on InsuranceThoughtLeadership.com, written by Scott M. Kannry, CEO of Axio Global:

“Anybody who knows anything about cyber is likely thinking, ‘It’s impossible to solve cyber risk!’ But what if we redefine ‘solve’ as: ‘to provide security leaders and firms with an accurate picture of their cyber exposure, with the ability to effectively manage the risk and with resiliency when an event happens.’” 


By Katherine Teitler

November 3, 2016

With the recent Dyn distributed denial of service (DDoS) attack lighting up media headlines, enterprise security practitioners are being asked how to ensure that the organizations for which they work aren’t the next DDoS victims. For some practitioners this can be attributed to a “shiny object syndrome,” in other words, the human tendency to focus on that which is most recent and interesting. However, it is a very real possibility that a DDoS attack could bring an entire business to a screeching halt for days at a time; this risk is making security practitioners think twice about how (or if) their organizations are prepared to withstand a DDoS attack.


Lose yourself

By Katherine Teitler

November 1, 2016

Cybersecurity has been gaining traction as a “board level topic” over the past several years. While boards of directors, along with executive management, all want the answer to “How secure are we?”, security professionals know that the answer rarely comes wrapped in a tidy little box. Yet CISOs often express frustration about exactly what to present to the board, and how.
