[SecurityRatty] tag: dana

Links for 2008-10-01 [del.icio.us]

Wed, 01 Oct 2008 20:00:00 +0000

Security + Logging + Virtualization Podcast

Wed, 01 Oct 2008 09:36:00 +0000

Here is a fun podcast a bunch of us (yes, including Chris, of course!) did on security, logging and virtualization (audio, full transcript).

It is actually a fun read / listen, if you are into either/all of these three :-)

Here is the brief blurb on that from the podcaster site: "To help learn about new ways that systems log tools and analysis are aiding the ramp-up to virtualization use, I [Dana Gardner] recently spoke with Charu Chaubal, senior architect for technical marketing, at VMware; Chris Hoff, chief security architect at Unisys, and Dr. Anton Chuvakin, chief logging evangelist and a security expert at LogLogic."

Links for 2008-09-15 [del.icio.us]

Mon, 15 Sep 2008 20:00:00 +0000

Quest grabs NetPro to strengthen Windows management wares - Network World
NetPro’s lineup includes tools focused on security/compliance, infrastructure administration and identity/access. Those tools include auditing, backup/recovery, policy enforcement, event log management, Exchange migration, group policy management, health/performance and user self-service password management
Are common logging and audit standards emerging? :: SearchSecurity.com.au
SaaS market will 'collapse' in two years | Tech News on ZDNet
Q: Won't people avoid the mistakes of "previous" SaaS incarnations, as you mentioned? A: People are stupid. History has shown it repeats itself, and people make the same mistakes.
CRM Outsiders » Blog Archive » Lawson CEO: SaaS Will “Collapse” In Two Years
I couldn’t disagree more, but than again it was also Harry Debes that predicted that many of today’s Web 2.0, cell phone gadgets would never catch on either. SaaS is certainly here to say. I
Nerd News: Eventlog to Syslog
(ISC)2 Blog: Event Correlation
Speaking of Security... | Blog Entry: Paul Stamp | Correlation is no silver bullet: 1301
So, when deploying SIEM to improve your security operations, remember that correlation only really works when backed up by real data about what is the biggest problem in your environment, and how that problem manifests itself in the event logs. I call it "working out what type of needles you'll find in your haystack."
Systems log analytics offers operators performance insights that set stage for IT transformation | Dana Gardner’s BriefingsDirect | ZDNet.com
Sharpening Stones and Walking on Coals | Nemertes Research
When hunting for a needle in a haystack, after all, making the haystack larger is not an obviously productive course; getting a tool that can assist in the hunt - a magnet, or a metal detector - makes more sense!
Search or Destroy | Nemertes Research
It's not all about security, it's not all about events, it's not all about compliance. All those things are critically important to IT, of course, but even more fundamental is the task of keeping things running.
jdm's Blog: How worthwhile is logging?
Logs are like a warm blanket; verbose logging means you can know what's happening on your systems if you keep up with the logs. At the same time, logs become a burden very very easily, and they are easy to ignore.
Rainer's Blog: What is an Event? And what an Event Log?
Enterprise Architecture: From Incite comes Insight...: Taming the Documentum Audit Trail
First and foremost, it is a good security principle to separate log data from the system.
Log management is a pain | Thomas Nicholson
So for an administrator to not care about logs was a shock.
thebaumblog » Blog Archive » Life after SIEM. Situational Awareness is next.
Life after SIEM. Situational Awareness is next.

Links for 2008-09-11 [del.icio.us]

Thu, 11 Sep 2008 20:00:00 +0000

OPEN Forum by American Express OPEN » Blog Archive How to Save a Billion Dollars
The Daily Incite - September 11, 2008 | Security Incite: Analysis on Information Security
But I think many security managers are missing the point of what a security management platform is supposed to do. It's about control and automation. The reality is no human can wade through the morass of data that comes out of our security devices.
Security Management: A Chicken & Egg Problem - Discovery and management - Dark Reading
Most enterprises are looking for a product that will solve all of their problems in some sort of off-the-shelf miracle, and when they find out that the currently available tools can't do it, they either postpone their deployment or put them on the back burner.
Trusted Computer Solutions Acquires CounterStorm to Broaden Portfolio of Security Solutions: Financial News - Yahoo! Finance
Dana Gardner's BriefingsDirect: Systems log analytics offers operators performance insights that set stage for IT transformation
Financial Cryptography: Yet more evidence: your CISO needs an MBA
Yet more evidence: your CISO needs an MBA
The Velocity 2008 Conference Experience - Part III - Web Admin Blog
Logging should be actionable - concise, express symptoms. Anything logged is something fixable. It should be giving you less downtime - shorter time to resolution. Logging takes resources, so make it worth it. Filter down your logs to be concise and actionable. Production logging has different goals from dev/QA logging. You’re looking for problem diagnosis and recovery, and then statistics and monitoring. Insight into what the app’s doing.

Links List 6.20.08

Fri, 20 Jun 2008 17:26:55 +0000

Dana Gardner discusses the recently announced partnership of VMWare and HP. They seek to offer enterprises and service providers a single management and control approach to both physical and virtual software infrastructure stacks. A fun little game: count the number of HP modules you have to buy for a “complete” virtualization management solution.

John Willis talks about customers that use a hybrid approach of priority and open source monitoring tools depending on how important what’s being monitored actually is to the business. He says,”a running joke that was going around in the early 2000’s is that BMC and Tivoli created Mercury (now HP) Sitescope because they, BMC and Tivoli, would not budge on their per server pricing. In fact many of the enterprise proprietary monitoring vendors still don’t deal with the not-so-important-server issue.”

One of our favorite writers, Michael Vizard, examines the virtualization market and more at Masked Intentions. He says that, “Virtualization continues to evolve, and companies such as IBM, CA, BladeLogic and Hewlett-Packard have all made specific commitments to extend their tools for managing physical servers to virtual machine environments.” We would add ScienceLogic to that list of course. But what’s more interesting is the statement that newbies focused on point solutions around virtualization management are saying that virtual machines represent a paradigm shift that will make existing management tools obsolete. Am I missing something here? All management vendors need to keep up with technology changes – hence the move to support virtualization. The market needs change; the management tools change, hopefully apace.

PacketTrap thinks that commercial open source is dying. So does that mean they think only commercial open source is their competitor and not just open source monitoring software?

So their value proposition is not that their feature set and value are better, but that they’ll probably be around longer than any open source products dabbling in trying to drum up revenue.

Want to work inside the Interop NOC? We’re looking for some great people to join the volunteer team at Interop.

And finally, snicker, snicker. Here’s a truly funny post on the Broadcom debacle.

ShareThis

Links for 2008-04-03 [del.icio.us]

Thu, 03 Apr 2008 20:00:00 +0000

Information Security as Insurance
Security Thoughts: Information Security, Governance, Compliance and Safety Belts
I have seen a lot of complaints about PCI and SOX etc etc in the same way that people complain about "self protection" laws like safety belt laws.
The Evolution of Compliance Technology - Sarbox Survival Guide
William Vambenepe’s blog » Blog Archive » Another IT event standard? I’ll believe it when I CEE it.
Worst practices: Recognizing the biggest compliance mistakes
Tenable Network Security: CyberCrime, CyberTerror, CyberEspionage, and CyberWar
The final point I'd like to make on cybercrime is that the current set of problems show us nothing about how bad it can possibly get. If you're part of an organzation that does business online, cybercrime is going to be part of your personal future, fo
practical risk management: Nice GRC write-up and how it relates to log management initiatives
Commentary: Inside the Twisted Mind of the Security Professional
Dana Gardner's BriefingsDirect: Splunk goes 'platform' to extend IT search benefits across more IT management functions
SANS Technology Institute: An Interview with David Hoelzer, author of DAD, a log aggregator
ParanoidMike: Which Security Event Log audit categories are most useful on a Windows client?
Do Your Vendors Have Information Security That's Aaa Good? - Web Exclusives - Online Column - CSO Magazine
Sarbanes-Oxley: Growing Dependence on Log Data for Compliance and Threat Response
Results of note from the SenSage survey respondents include: * Eighty-eight percent collect log data for compliance reasons, while 42 percent do so as part of best practices/industry standards initiatives such as ITIL. * Seventy-eight perce

Show 004 - An Interview with Dana Epp

Mon, 31 Jul 2006 17:30:23 +0000

In the fourth episode of the Silver Bullet Security Podcast, Gary’s guest is Dana Epp, CEO and founder of Scorpion Software. Dana also runs a popular software security blog and is a jazz trumpeter. On this show, Dana and Gary talk about past programming disasters (”code lives forever”), the security implications of systems with ever-increasing complexity, suggestions for new developers interested in learning about software security, regulation’s role in information security, and Miles Davis.