December 5, 2014 | Kate Brew

Gamifying the AlienVault Forum

We are excited to share with you some enhancements we have made to the forum to make it more interactive and valuable to you. For those of you unfamiliar with our Forum, it’s the place to go with technical questions and to keep up on product enhancements. It also provides a place for OSSIM (our open source project)…

December 3, 2014 | Garrett Gross

Holiday Phishing - The Grinch Loves Email!

Hey folks – its that time of year again! No – I’m not talking about spending time with loved ones, putting up holiday decorations, or even digging out that ugly sweater to wear to your hipster friend’s party. I’m talking about EMAIL PHISHING CAMPAIGNS!! Image courtesy of searchenginegenie.com That’s right. This…

Get the latest security news in your inbox.

Subscribe via Email

November 25, 2014 | Kirk Kerr

Security Awareness: Combating Unintentional Security Breaches in a BYOD world

In a survey conducted by the Computer Security Institute in 2011 http://gatton.uky.edu/FACULTY/PAYNE/ACC324/CSISurvey2010.pdf [no longer available], companies worldwide were asked about increasing number of cyber security threats, and the results were overwhelming. 45.6% of respondents reported being the subject of at least one targeted cyber-attack Respondents to the survey covered a variety of industries including…

November 21, 2014 | Kate Brew

AlienVault Joins Industry Leaders to Discuss IT Security Trends in Latin America

In November, Carlos Dodero, LATAM Business Unit Manager and Victor Obando, LATAM Senior Advisor at AlienVault participated on panels at the GMS-sponsored Conference in Ecuador attended by 300 and the E-Dea Networks event in Colombia attended by 50 to discuss security trends in the LATAM market with other IT security leaders. In addition, a third partner event featuring AlienVault was held by…

November 18, 2014 | Garrett Gross

Security Tips for Retailers and Consumers this Holiday Season

With the holiday season quickly approaching, many retailers might be finding themselves in the crosshairs of criminals, both physically and online. The unfortunate reality is that most of them are soon entering an IT freeze, or already have, where no new projects go live and performance and availability take precedence. In many cases, this means that any new security upgrades…

November 13, 2014 | Garrett Gross

2014 SANS Incident Response Survey Results

With the recent streak of widely publicized breaches of well-known companies, many organizations are examining their incident response (IR) capabilities. SANS conducted a survey earlier this year to explore what IR teams are up against – what types of attacks are most common, what defenses are most widely used, and what challenges IR teams face in their response efforts. The…

November 5, 2014 | Alissa Knight

Red teams; a diary from the garden of Red versus Blue

As with most terminology used in information technology, such as DMZ (or Demilitarized Zone), the term Red team was originally adopted from its use by the US military, which is still heavily used today in the ongoing force transformation of the Department of Defense. Red teaming can be used at multiple levels within a company, not just red team/blue…

November 3, 2014 | Dan O'Leary

5 Mobile Device Security Policies to Help You Sleep at Night

Thinking about mobile device security policy keeps me up at night. It probably keeps you up too. On a recent evening, I was browsing the findings of a study by McAfee and Ponemon Institute titled “The Lost Smartphone Problem[i],” which provided data on how many employee devices are lost and recovered annually. My life is exciting. This…

October 17, 2014 | Garrett Gross

When its raining cats and dogs, be careful to not step in a poodle…

A new security vulnerability was discovered by a team of researchers from Google that affects SSL v3. This vulnerability, dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), while nowhere as serious as Heartbleed or Shellshock, can still wreak havoc on your machine or in your environment if the right set of circumstances were to put you in the crosshairs of…

October 15, 2014 | Kate Brew

Account Entrapment: The Victim is Tricked into “Playing for the Wrong Team” with Cookie Abuse

Ben Broussard of Denim Group presented at OWASP Austin on 9/30 and highlighted a really interesting new kind of attack – Account Entrapment. What is Account Entrapment? Counter-intuitive at first glance, it’s not about an attacker gaining access to the victim account. It’s the opposite. It is the attacker being able to log the victim into his…

October 7, 2014 | Branden Williams

Effective PCI Compliance for the Small Business

Companies who process credit card data are getting pummeled by breaches. It doesn’t seem to matter if you are big or small anymore—you are going to be targeted if you have not already been breached. That’s what PCI DSS is for, right? If you follow all of the requirements in PCI DSS, you should…

October 1, 2014 | Garrett Gross

Bourne Again: Helping you see the light through the Shellshock exploit

A recently discovered hole in the security of the Bourne-Again Shell (bash) has the majority of Unix/Linux (including OS X) admins sweating bullets. You should be, too--attackers have already developed exploits to unleash on unpatched web servers, network services and daemons that use shell scripts with environment variables (this can include network equipment, industrial devices, etc.) Jaime Blasco, AlienVault…

Watch a Demo ›
Get Price Free Trial