RSA Labs, Page 2

Mastering the implementation of a Threat Pattern

In previous posts we have discussed two of the most critical phases in “The Lifecycle of a Threat Pattern”: analysis and design. In the analysis phase the objective is to fully understand the asset in scope by getting deeper into the context to formulate a set of residual risks to which the asset might be…

Multi-layered Analysis of a Threat Pattern

If you do not fully know the asset, how can you protect it? This is the first challenge security practitioners face during any activity, whether it is a penetration test, code review, risk assessment, or design of a threat pattern. In a previous post, author Davide Veneziano provided an overview of the building blocks required to design a consistent…

Context in Risk-Based Threat Patterns

Risks come from various sources that are not always possible to identify and subsequently prevent and mitigate in advance. With the growth in cloud, social, mobile and “bring your own device” computing, the size of the attack surface is greater than ever. Many attack scenarios are possible mainly due to the complexity of the network’s topology and…

Measure your Readiness – Threat Intelligence Program

In the first part of this series we talked about the journey to undertake building a security monitoring and incident response program based on five dimensions: analytics, governance, measurement, operational and organizational. The third main program, also considered a primary capability of an effective Security Operations Center, is the development of tactical, operational and strategic…

Setting the Benchmark in the Network Security Forensics Industry

“Setting the benchmark” – “Beating thirty other products in threat detection and response capabilities” – “Outstanding achievement in product leadership, technological innovation, customer service, and product development” – “Superior capabilities for best addressing customer needs” Wow! While we certainly don’t do what we do here for such accolades – we do it to help our…

Measure your Readiness – Security Monitoring Program

In the previous post of this series “Measure your Readiness”, I depicted a framework to assess, shape and accelerate a Threat-Driven Incident Response program useful for all kinds of organizations to enhance their response capabilities and be ready to deal with unforeseen incidents. The second post in the series aims to look at the “security…

Moving from Low to High-Fidelity Security

In the 1940s and 50s home audio systems went through a high-fidelity revolution. This is the period when the music recording industry and stereo manufacturers dramatically improved the audio experience for consumers. Technically it had to do with the improved audio capture, more sophisticated mastering (stereophonics), and dramatically improved reproduction of music, all at a…

Threat Detection Techniques – ATM Malware

There once was a time when stealing money from a bank ATM required actual physical manipulation of the terminal itself. Many criminal schemes have been repeated throughout the years, ranging from physical destruction of the terminal (ramming it with a vehicle) to the use of ‘skimmers’ to steal customer credentials. Successful ATM capers were not…

Measure your Readiness – Incident Response Program

In today’s threat landscape it is a challenge to prevent the entire spectrum of attack vectors from impacting an organization. This is especially true with the increased adoption of new disruptive technologies and services such as cloud computing, mobility, BYOD and an increase in collaboration with third parties who have access to the corporate network. On…

Does DDoS Takedowns Really Change Extortion Rules of Engagement?

The proliferation of account takeovers, DDoS attacks, ransomware and outright cyber extortion targeting individuals and institutions is not only disrupting the hack attack landscape, but also raising questions around our rules of engagement. How are we supposed to deal with all of this knowing the bad guys aren’t playing by the same rules that we…