Welcome!

Security is a Holistic Proposition

Gorka Sadowski

Subscribe to Gorka Sadowski: eMailAlertsEmail Alerts
Get Gorka Sadowski via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Gorka Sadowski

Another hack attack hits the headlines http://tinyurl.com/yebvj8p Big deal. This stuff happens every day now right?  Wrong. Not on this scale it doesn’t. The Kneber Bot has penetrated 75,000 systems, 2,500 companies across in 196 countries.  This is not a straightforward Trojan - a simple smash and grab. This one’s a game changer. Systems compromised by this botnet provide the attackers with not only user credentials and confidential information, but remote access inside the compromised network.  Just some of the data stolen includes: 68,000 corporate log-in credentials Access to e-mail systems, online banking sites, Facebook, Yahoo, Hotmail and other social networking credentials 2,000 SSL certificate files Dossier-level data sets on individuals, including complete dumps of entire identities from victims' machines. Penetration of this scale and amongst such an esteeme... (more)

Why Rule-Based Log Correlation Is Almost a Good Idea... Part 4

We saw what typically happens when trying to use static rule-based log correlation to perform real-time incident management... combinatory explosion and lack of scalability. How do you automate non-deterministic attacks in a few discrete steps??? Today, we'll look at more scenarios for which static rule-based log correlation doesn't make sense. Attack Scenario Example 2: Brute Force Attack Let's look at another example scenario. Brute Force Attack. - A user tries to log in to his account - He fails many times in a row and then finally succeeds - Then "probably" a successful Brute ... (more)

Logs for Better Clouds - Part 3: On-Demand Rightsizing

Cloud Computing on Ulitzer Last time we saw the difficulty in Predictive Rightsizing, a frustrating exercize based on "guesstimation" aimed at predicting future SLA in an everchanging business environment... So what's the answer? The solution is a truly dynamic, elastic, real-time on-demand SLA with a provisioning that is transparent to the users. Provided that you stay within some reasonable boundaries, you can use as many resources as you need, or as few as required, ramping up and slowing down resource usage, without having to provision SLA in advance of usage. This is the ul... (more)

Logs for Better Clouds - Part 6

Log Collection and Reporting requirements So far in this series we have addressed: Trust, visibility, transparency. SLA reports and service usage measurement. Daisy chaining clouds. Transitive Trust. Intelligent reports that don't give away confidential information. Logs.  Log Management. Now, not all Log Management solutions are created equal, so what are some high-level Log Collection and Reporting requirements that apply to Log Management solutions? Log Collection A sound Log Management solution needs to be flexible to collect logs from a wide variety of log sources, including b... (more)

Preventive Security Through Behavior Modification

Over the next few weeks, we'll investigate how the expression "An ounce of prevention is worth a pound of cure" could also be applied to the IT world, and what are the tools to foster preventive security through behavior modification. When looking at IT security, it seems that most of the security solutions today are based on Defensive Security. Technologies such as AntiVirus, Firewalls, Intrusion Detection Systems and Intrusion Prevention Systems, Anti-Trojan, Anti-Worms, and Anti-Spyware belong in this category. The primary focus of these technologies is defending against secu... (more)