Archive for 2012

Adding ObserveIT video audit logs to your SIEM
Friday, May 11th, 2012 | Author: admin

At a Glance

Adding ObserveIT’s user activity video logs and user activity text logs to your SIEM or Log Analysis platform gives you all the details of exactly what users are doing on your network, right from within the platform that you count on for security oversight and compliance reporting.

Imagine this: Your SIEM dashboard alerts you to a potential security incident. But now, instead of investigating by drilling down into system logs, you can just click on the “Play the Video” icon, which shows exactly what the user did!

ObserveIT’s open architecture allows for a straightforward integration with any log analysis tool. This document shows this open architecture, and also provides a look at specific integrations with Splunk, ArcSight, RSA enVision and CA UARM.

Category: ObserveIT

Dell Inc. (DELL), the world’s third-largest maker of personal computers, agreed to buy SonicWall Inc. to gain network-security and data-protection tools, paying a price that analysts peg at between $1 billion and $1.5 billion.

SonicWall, based in San Jose, California, had revenue of about $260 million in the past 12 months and about 950 employees, executives from both companies said today on a conference call to announce the deal. SonicWall’s technology detects and protects networks from intrusions and malware attacks, and helps protect data.

Dell is buying services and software businesses as the PC market faces competition from smartphones and tablets. Last month, the company hired CA Inc. Chief Executive Officer John Swainson to oversee the software push, and today he said security is an important part of that strategy.

Category: IT Security

Privilege management vendor BeyondTrust is acquiring vulnerability and configuration management vendor eEye Digital Security, in a move the company said is part of an ongoing strategy of adding security capabilities to its product portfolio.

“There is some integration work that needs to be done to make it much more of a product line than a couple of technology pieces sold through the same distribution channel.” Mike Rothman, analyst, president, Securosis.

Terms of the acquisition were not disclosed. Both firms said the deal enables them to establish a more robust platform that can be maintained and monitored at a single point for protection from both insider and external threats.

Category: IT Security

Mass SQL Injections Spike Again
Friday, May 11th, 2012 | Author: admin

Security researchers have reported spikes in mass SQL injection attacks of late that take advantage of very common vulnerabilities in the way that Web applications interact with back-end databases. Particularly targeting ASP, ASP.Net, and MS-SQL sites, these mass SQL injection campaigns have been linked to black hat efforts to redirect victims to browser exploit kits like Blackhole or Phoenix.

“There’s been a growing increase on the mass SQL injections side mainly because there is business to be had and money to be made in that area,” says Gunter Ollmann, vice president of research for Damballa. “There are a growing number of professional hackers and crime groups that specialize in quick and rapid identification of websites that are vulnerable to SQL injection, and they monetize that by injecting malicious code normally as part of the pay-per-install or the iFrame injection-type business.”


We’re proud to announce that we have recently been certified as ArcSight CEF compliant partners. This is an important step for us. It expands the ways that ObserveIT User Activity log data can be utilized for building insightful security reports and dashboards.

After completing an extensive certification process, we are now tightly integrated into the HP ArcSight platform, using the standards-based CEF log file communications structure. This means that any ArcSight installation can easily display ObserveIT’s user-oriented logs, including launching a video replay that shows user actions.

Category: ObserveIT

Why aren’t customers dropping Oracle?
Thursday, May 10th, 2012 | Author: admin

Since it was first disclosed, I’ve been talking to lots of folks about the Oracle “TNS poison” vulnerability that’s out there.

Mostly, the talk has been focused on understanding the risks and implementing appropriate workarounds. But there seems to almost always come a time in the conversation when someone asks, “How can this be?”

It’s stunning to consider that Oracle sat on this issue for so long. It’s a critical vulnerability that fully compromises any Oracle database. It’s easy to exploit, requires no authentication, and it’s almost undetectable using built-in database features. But through the years and through a major database release, it remained unfixed and under wraps.


Why aren’t customers dropping Oracle?
Sunday, May 06th, 2012 | Author: admin

Since it was first disclosed, I’ve been talking to lots of folks about the Oracle “TNS poison” vulnerability that’s out there.

Mostly, the talk has been focused on understanding the risks and implementing appropriate workarounds. But there seems to almost always come a time in the conversation when someone asks, “How can this be?”

It’s stunning to consider that Oracle sat on this issue for so long. It’s a critical vulnerability that fully compromises any Oracle database. It’s easy to exploit, requires no authentication, and it’s almost undetectable using built-in database features. But through the years and through a major database release, it remained unfixed and under wraps.


External Threats Top List of CISO Concerns
Saturday, May 05th, 2012 | Author: admin

CISOs (Chief Information Security Officers) face a number of challenges, according to a new IBM study. From a high-level perspective, the respondents told IBM that they were concerned about external threats, with 69 percent rating it their number one or number two challenge.

“This was more than internal threats, more than incorporating new technologies, and more than regulation and compliance issues,” David Jarvis, author of the report and senior consultant at the IBM Center for Applied Insights, told InternetNews.com. “I think that, at the moment, the gaze of security and business leaders is outward with all of the high profile breaches and security incidents.”

Category: IT Security

Global Payments Breach Window Expands
Saturday, May 05th, 2012 | Author: admin

A hacker break-in at credit and debit card processor Global Payments Inc. dates back to at least early June 2011, Visa and MasterCard warned in updated alerts sent to card-issuing banks in the past week. The disclosures offer the first additional details about the length of the breach since Global Payments acknowledged the incident on March 30, 2012.

Visa and MasterCard send periodic alerts to card-issuing banks about cards that may need to be re-issued following a security breach at a processor or merchant. Indeed, it was two such alerts — issued within a day of each other in the final week of March — which prompted my reporting that ultimately exposed the incident. Since those initial alerts, Visa and MasterCard have issued at least seven updates, warning of additional compromised cards and pushing the window of vulnerability at Global Payments back further each time.


Attack takes Soca crime agency website down
Saturday, May 05th, 2012 | Author: admin

Soca confirmed to the BBC that soca.gov.uk had suffered a Distributed Denial of Service (DDoS) attack.

A spokesman said the site was taken offline at 22:30 on Wednesday, but that the attack did not “pose a security risk to the organisation”.

Soca has recently shut down 36 websites believed to be selling stolen credit card information.

‘No security risk’

“We took action to limit the impact on other clients hosted by the [same] service provider,” the spokesman said.

Category: IT Security