Auditing Linux environments using LIDS and ‘auditd’

If you use LIDS at all, your life is about to get easier: Recently we released nine new templates for the CloudPassage Halo log-based intrusion detection system, (LIDS) which consists of different rules/policies for ‘auditd’. The CloudPassage Halo log-based intrusion…

Read More

Network-Bound Disk Encryption in Red Hat Linux 7

As you likely know, using cloud services means that you’re storing data on servers you don’t own. Mistakes made in the cloud are therefore more likely to become public and the impact can range from embarrassment, to losing all of…

Read More

Why Old FIM Tools Fail In Agile IT Models

File integrity monitoring (or FIM) tools can be an important part of intrusion detection and configuration security. When combined with other tools, FIM gives you vital information about your servers for compliance and security. But too often these tools fall…

Read More

U.S. Universities Get “F” For Cybersecurity Education

In recent remarks by Commerce Secretary Penny Pritzker at Montgomery College, she noted that there are an “estimated 210,000 open and unfilled cybersecurity jobs in the United States today.” This is a remarkable statistic, but not all that surprising since most…

Read More

Why a Network Appliance-Only Defense is a Costly Failure (RSA 2016)

Guest blog by David Spark, Spark Media Solutions “The less segmentation you have the easier you’re giving the path of least resistance to the malicious hacker,” said Bill Brenner(@billbrenner70), Senior Tech Writer, Akamai Technologies, in our conversation at the 2016…

Read More

Forget DevOps, All Software Development Is Live (RSA 2016)

Guest blog by David Spark, Spark Media Solutions At the 2016 RSA Conference in San Francisco, I asked Dan Kaminsky (@dakami), Chief Scientist, White Ops, about changes in the DevOps environment. Is there a fundamental difference in how enterprises are…

Read More

Is Dynamic IT Wreaking Havoc on Compliance? (RSA 2016)

Guest blog by David Spark, Spark Media Solutions “Compliance in the best case is a tough job to get through. The reality is once we start talking about dynamic IT, the cloud, mobility, off-network access, and so forth, it just…

Read More

A CISO Who Uses the Cloud More Can Relax (RSA 2016)

Guest blog by David Spark, Spark Media Solutions “Moving to the cloud provides clarity for most CISOs,” argued Steve Hunt (@steve_hunt), performance improvement coach, Hunt Business Intelligence, in our conversation at the 2016 RSA Conference in San Francisco. While so…

Read More