- Products
- Solutions
- See All Solutions
- Consulting Services
- Compliance
- Industry
- Environment
- Core Capabilities
- Partners
- Resources
- View All Resources
- Blogs
- Product Resources
- Security Resources
- Customer Resources
- Browse by Topic
- AT&T Alien Labs
- Support
In medical science, the patient zero is defined as "the initial patient in the population of an epidemiological investigation” (Source: Wikipedia). Information security has many links with medical science, after all, the term “virus” is used in both worlds. Wikipedia defines virus as "a small infectious agent that replicates only inside the living cells of other organisms.…
If you haven’t guessed it by now, achieving and maintaining Payment Card Industry Data Security Standard (PCI-DSS) Compliance can be both hard and expensive. For most small to medium sized organizations, it doesn’t have to be as long if you have the right plan and tools in place. In this post I hope to impart a…
The Managed Security Services business seems to be thriving, and more and more MSSPs are building their businesses on AlienVault Unified Security Management (USM.) The rapid adoption is evidenced by the new additions to the AlienVault MSSP network announced today: Cegeka, Columbus Business Solutions, GoGrid, Onsight, Hawaiian Telcom, Sedara Security, Terra Verde and T-Systems Austria.It appears that one of…
Almost every week another major company is in the media for another security breach or data leak. Last week it was eBay. This week, it was Spotify and Office, a UK-based clothing retailer. With this continued coverage on security issues, comes a growing concern that businesses are having an increasingly difficult time maintaining a solid security posture. Pile on the…
Jaime Blasco of AlienVault with Kyle Smith, OWASP Austin Chapter PresidentJaime spoke at the Austin OWASP chapter meeting on 5/27. He is a security researcher with broad experience in network security and malware analysis. The last OWASP meeting Jaime presented at was in Barcelona sixyears ago, when he was doing penetration testing.A video recording of the talk is here …
Who do you really trust?Of course, as security practitioners, we know the best policy is to trust no one, or at least trust no one blindly. However, this policy is not all that practical in real life. We must trust a growing number of people, companies and products just to function at a most basic level today. Personal relationships,…
Monday witnessed two separate but related activities by the US government that had the industry buzzing - a global law enforcement takedown of Blackshades malware developers and users and an unprecedented calling out of specific members of the Chinese military for hacking.From an SMB perspective, it’s a “good news – bad news” story. The takedown…
Heartbleed is a vulnerability with a CVSS score of only 5.0/10. As of this morning we have observed 840 breaches related to the Heartbleed vulnerability, CVE-2014-0160. More than enough has been said about the technical details of the vulnerability; hence I’d like to use this post to discuss the vulnerability management implications of Heartbleed, because they are both alarming…
When the senior vice president of information security of Symantec announced that antivirus was dead last week, it raised a few eyebrows. Antivirus is, at least nominally, a big chunk of their business. However, back in 2008, the CEO of Trend Micro was quoted as saying the antivirus industry “sucks”, so we shouldn’t be all that shocked. …
FireEye published a report today on ‘Operation Saffron Rose’ documenting cyber espionage activity conducted by the Ajax Security Team, a hacking group believed to be based in Iran. The group was previously known for web defacement, but apparently they’ve moved on to malware-based spying.The techniques used to install the malware and/or acquire credentials include…
The security industry has an unhealthy love affair with complexity and sophistication. Blame it on the media, or our own tendency towards masochism... but, whatever the reason, it seems that most are more interested in putting most of our time and attention on Advanced Persistent Threats or zero day attacks than in implementing basic security practices. The sad truth is…
From Drawception.comBack in the day, hackers really didn't think to gain by their activities – they broke into systems or web sites for fun and to show off their capabilities. While this situation was pesky, it turned out that things can always be worse. Now, with the emergence over the last several years of…
