RSA Netwitness

A View From the #RSAC SOC – Part 2

In today’s world, cameras are just about everywhere – in stores, on the streets, inside of cars, and many other locations.   Now, imagine you are a bank employee and your bank had no cameras – would you feel secure?   Probably not.   The reality is that many organizations have no “security cameras” on their networks to…

The Elephant in the Room for Endpoint Security

Stop me if you’ve heard this story before… Three blind men are traveling down the road to visit a friend.  On the way, they encounter an elephant.  Not being able to see it, they each stopped and felt the elephant to figure out what sort of creature it was.  The first one grabbed the trunk…

Cloud Ready Threat Detection & Response

Organizations are leveraging third party cloud environments for increasingly critical data, applications, and infrastructure. The agility and potential cost savings that both public and private (virtual) clouds offer mean that the business can be more efficient and gain operational and financial advantages. While some organizations – dependent on vertical and “risk” appetite – may be…

Tales from the Black Hat NOC: Are We Broken?

Walking through the expo hall at Black Hat Europe was uplifting – if the vendor booths were to be believed, APT’s can be stopped in their tracks, Ransomware protection can be guaranteed, and phishing can become a term applied to lake activities again. All it requires is buying this tool! It made me wonder why people…

Tales from the Black Hat NOC: Finding Mr. Robot?

The most significant part of Black Hat Europe 2016 finally started, and as expected – we are watching the arrival of smart security experts, who have come to the event to exchange information or show off their latest tools and products. While it’s hard to say what kind of skilled “hackers” we can expect during last…

Tales from the Black Hat NOC: The Stages of Security Adolescence (Part 2)

In Part 1 of “Tales of the Black Hat NOC: The Stages of Security Adolescence,” I discussed the maturation process of the Black Hat NOC, and security strategies in general.  In the blog post below – you can see the adjustments we made and additional steps we took towards optimizing our NOC at Black Hat. …

Tales from the Black Hat NOC: The Stages of Security Adolescence (Part 1)

Maturity is often spoken of in the security community as a binary value – “Customer X is mature,” “Customer Y is immature…” This notion was not dispelled at Black Hat where one vendor after another claimed, “Evolve your security. Buy our product and stop breaches today!” But we know that maturity is not binary, and neither is…

TALES FROM THE BLACK HAT NOC: WHAT’S IN YOUR CLASSROOM?

  Hanging in the NOC these last couple of days has confirmed one thing.  Creation of content to support an information security program is an ongoing process.  It starts with the identification and deployment of out-of-the-box content useful for the audience, but a good security operations plan does not stop there. The RSA NOC team…

Tales from the Black Hat NOC: Attendee Attacks, Loud and Proud

We are approaching the end of Black Hat‘s training days. It’s an interesting time when the expo floor still sits quiet, but the Black Hat network is as noisy as ever – as seen by the RSA volunteers working inside the Black Hat NOC. The majority of this noise is being generated by teachers and students, demonstrating…

TALES FROM THE BLACK HAT NOC: Data in the Clear

        I started my day by reading an article about how to stay safe during Black Hat and DEF CON.  There were suggestions like – don’t bring a laptop, not to bring your smartphone, to leave your wallet at home, and only carry cash.  Why would such recommendations be made?  Black Hat and DEF CON attract security professionals, as well…