This past week I was excited to present a talk on the work I’m doing at Indeed, specifically the implementation of a risk-based information security management program and the benefits both to security engineers and the business.
This past week I presented my talk “Learning from Failure: Tales of Incident Response Gone Wrong” at the 2019 SpiceWorld Conference in Austin, Texas. If you’re looking for the slides then I’ve got good news! They’re posted right here.
UPDATE: This vulnerability has been assigned the Common Vulnerabilities and Exposures ID CVE-2018-7698 by MITRE.
I’ve been testing out a beta version of an IDS (Intrusion Detection Sensor) that we’re planning to release sometime soon specifically for small businesses, tech-savvy home users, and others. I currently have it running on my home network, and the alerts I’ve been seeing have really made me much more aware of the potential risks we encounter every day. For example, a game my wife plays on her mobile phone has been triggering spyware and malware alerts thanks to the ads that constantly pop up.
Having all of your devices on a single subnet is easy and convenient. You can access network resources simply by using their hostname, and everything just works. But that kind of configuration also makes it easy for attackers to break into your systems and steal all of your critical data since there’s very little stopping them from jumping from one system to another.
LibreNMS is a fantastic and FREE network monitoring tool that can be extremely useful. Whether you’re a home user who wants to monitor their small network or an enterprise user tracking connectivity between multiple datacenters, LibreNMS is a tool that can track all of the metrics you’d like and provide real-time intelligence to make sure everything is working perfectly.
But how exactly are you going to run this new tool? The good news is that if you’ve got about $60 and a few hours to tinker, you can get it up and running on a Raspberry Pi 3 B+.
This past weekend I presented a talk at BSides San Antonio titled “IDS Configuration for Beginners.” Here’s the abstract from the conference website:
Whether you’re securing your home network or a corporate campus, an Intrusion Detection Sensor (IDS) is a great tool to detect and identify threats on your network such as brute force attacks, malware infections, and active intrusions by malicious actors. In this talk we will discuss where to place your IDS for maximum effectiveness, a brief discussion of some IDS solutions on the market, and walk through a basic IDS configuration live on stage.