Security is a Holistic Proposition

Gorka Sadowski

Subscribe to Gorka Sadowski: eMailAlertsEmail Alerts
Get Gorka Sadowski via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Gorka Sadowski

Last time, we saw that the biggest impediments to Cloud Provider's adoption are Trust and Visibility. Today, we'll look at the difficulty of predictive rightsizing, and how elasticity is one of the biggest value proposition of Cloud Providers. One advantage of Cloud Computing is elasticity with self-provisioning, which provides a level of flexibility that didn't exist with traditional Managed Service Providers, and which also allows the selection of a level of service and performance that is close to what is needed. With "traditional" MSPs (Managed Service Providers) and outsourcers, a client would typically negotiate a 3-year contract. Each year, the client would agree on a static SLA (Service Level Agreement) for the next 12 months and it would be extremely difficult to change this SLA during the year. It was always a painful exercise to calculate and approximate wh... (more)

Logs for Better Clouds - Part 3: On-Demand Rightsizing

Cloud Computing on Ulitzer Last time we saw the difficulty in Predictive Rightsizing, a frustrating exercize based on "guesstimation" aimed at predicting future SLA in an everchanging business environment... So what's the answer? The solution is a truly dynamic, elastic, real-time on-demand SLA with a provisioning that is transparent to the users. Provided that you stay within some reasonable boundaries, you can use as many resources as you need, or as few as required, ramping up and slowing down resource usage, without having to provision SLA in advance of usage. This is the ul... (more)

Why Rule-Based Log Correlation Is Almost a Good Idea... Part 4

We saw what typically happens when trying to use static rule-based log correlation to perform real-time incident management... combinatory explosion and lack of scalability. How do you automate non-deterministic attacks in a few discrete steps??? Today, we'll look at more scenarios for which static rule-based log correlation doesn't make sense. Attack Scenario Example 2: Brute Force Attack Let's look at another example scenario. Brute Force Attack. - A user tries to log in to his account - He fails many times in a row and then finally succeeds - Then "probably" a successful Brute ... (more)

Conclusion: Why Rule-Based Log Correlation Is Almost a Good Idea...

During these past few weeks, we have looked at several reasons why a static rule based correlation is not the "SOC in a Box", end-all be all that many thought it was. Indeed what to think about a "solution" that: Can only address a very limited set of attack scenarios Requires meticulous consideration on how to map out the few selected attack scenarios Doesn't guarantee you to catch attacks in progress even when one of the few selected scenario is taking place Obliges you to think of minute details to slightly reduce false positives Yields hundreds and thousands of basic correlat... (more)

Fraud Detection, Financial Industry and E-Commerce | Part 1

Banks and Insurance companies lose billions of dollars every year to fraud. Traditional methods of fraud detection play an important role in minimizing these losses. However increasingly sophisticated fraudsters have developed a variety of ways to elude discovery, both by working together and by leveraging various other means of constructing false identities. Graph databases offer new methods of uncovering fraud rings and other sophisticated scams with a high-level of accuracy, and are capable of stopping advanced fraud scenarios in real-time. While no fraud prevention measures c... (more)