Poisoning the Well, or Securing the Future

August 6, 2012 | Russ Spitler

Author: Russ Spitler

September 21, 2018 | Russ Spitler

Forrester Says that AlienVault “Challenges” Enterprise SIEM vendors

Forrester just released their “Security Analytics Wave” report that evaluates Security Analytics/SIEM technologies used by large enterprises (5000+ employees). I am super excited that AlienVault was included for the first time and placed as a “Challenger”. This is quite incredible if you think about it. To include AlienVault as a challenger in a group of…

October 13, 2016 | Russ Spitler

Threat Intelligence Feed is for Horses

Threat Intelligence Feed. There, I said it. I have not said that phrase in 5 years. To me, that is the worst phrase in the InfoSec industry. I often find myself in conversations where people use it, and at first I swallow hard and pretend it doesn't bother me. I will engage and try to let it pass me by,…

May 11, 2016 | Russ Spitler

New features in OTX enhance collaboration and sharing of threat intelligence

Today we have released two major new features in Open Threat Exchange (OTX). For those of you who have not yet signed up – OTX is an open community that allows you to get updates related to the latest threats as well as collaborate with other security professionals to research and report activity you observe in your environments. AlienVault USM…

June 26, 2015 | Russ Spitler

The case for a common taxonomy for the description of malicious behavior

The task of defending our environments from attack is made more difficult by the lack of a common taxonomy for describing malicious behavior observed. Each security control we deploy describes the threats it can detect in a different manner, each providing little insight into the nature of the behavior being reported. This disparity and lack of consistency makes it difficult…

June 18, 2015 | Russ Spitler

Intrusion Detection in AWS to meet PCI Compliance

Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. In my previous blog I discussed the difficulties using Intrusion detection (IDS) in AWS to gain visibility. Often the drive for AWS intrusion detection is to meet the requirements of regulatory compliance - in particular PCI Requirement 11.4. The question becomes, now…

June 10, 2015 | Russ Spitler

AWS Intrusion Detection (IDS)

Note: The product previously mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. If you are starting a project to increase your visibility in AWS it won’t be long before you reach for your trusty old network-based IDS. However, just like the rest of us, you will soon start tearing at…

May 29, 2015 | Russ Spitler

A Drafty House: Analysis of the Current Use of AWS EC2 Security Groups

Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. After a very confusing set of results from a survey we ran and exploring the new world of threat detection and incident response in AWS, we decided to go out and do a little research to see how the world was…

April 9, 2015 | Russ Spitler

A Brave New World

Dealing with Security Monitoring in Amazon Web Services (AWS) Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. As you know, AlienVault just launched USM for AWS and we are very excited about bringing value and controls to AWS users in securing their environments. Here is some of the thinking…

April 7, 2015 | Russ Spitler

AlienVault Launches New Offering for Threat Detection and Incident Response in AWS

Note: The product mentioned in this blog, AlienVault USM for AWS, is no longer being sold. Learn more here. Today we are launching USM for AWS, our newest offering focused on providing threat detection and incident response for AWS. We have had the ability to monitor AWS environments in our core USM product line for almost two years now, however…

February 5, 2015 | Russ Spitler

Cloud Security Confusion: Who Owns What?

At BlackHat this past summer, we ran a survey in our booth asking a series of questions related to security in the cloud. We had more than 500 respondents and the signal was quite strong – everyone is confused about security in the cloud! Let’s start with the simplest, most basic question – who is responsible for security? To…

December 15, 2014 | Russ Spitler

Cloud Security: Time to “Wise Up”

The market for cloud, or Internet, computing, in which software and information is available on demand, has surged in recent years. Market research firm IDC expects businesses worldwide to spend $57.4 billion by the end of this year - double that of only a few years previously. Does this signal a brave, new world of 'cloud without borders' and is this…

July 29, 2014 | Russ Spitler

BYOD – shedding the last illusion of control

Many years ago, organizations relied solely on perimeter-based devices to provide their basic security control. Poorly designed business services (mainframe/internal websites/email/etc.) were 'protected' by perimeter-based systems that restricted access. We used firewalls of one form or another to make sure only ‘authorized’ users accessed the systems. This was in a large part possible by the…
