Saturday, April 29, 2017

Advanced Endpoint Protection (AEP)

NSS Labs made a splash at RSA 2017 with the release of their Advanced Endpoint Protection (AEP) test results.


What is AEP?

Saturday, September 17, 2016

Periodic Table of Enterprise CyberSecurity Controls


Cyber Periodic Table of 50 Enterprise Controls
In a categorical introduction to the cybersecurity industry, distributed across three papers, Edward G. Amoroso defines 50 controls important to supporting enterprise cyber risk reduction.

Saturday, July 30, 2016

80% of professionals say on-premises security more mature than "cloud"


Courtesy Doug Cahill blog (ESG Research)

Any company selling SaaS will recognize this type of customer concern. 

Of course the reality is that there is no one "cloud".  Maturity and capability will vary across all organizations and industries.  Unfortunately, many risk assessors mistake possession for security.

When assessing risk to adopt a SaaS product, consider..

Tuesday, July 19, 2016

Bit9 + Carbon Black + Confer


Cybersecurity vendor Carbon Black (formerly Bit9) announced today its acquisition of malware detection upstart Confer.

Confer is a lesser-known advanced endpoint protection vendor. It provides a behavior-based method of threat detection.

There is no shortage of "next generation" behavior-based threat detection products, such as:
  • Palo Alto Networks Traps (Cyvera)
  • SentinelOne
  • CrowdStrike Falcon

Tuesday, June 21, 2016

Pure JS Ransomware

Sophos posted details of a new ransomware sample that operates entirely in JavaScript.

Unlike the recent rash of malicious JavaScript files, this sample does not rely on the introduction of a malicious binary. Sophos titled the malware "JS/Ransom-DDL".

This type of malware can be dangerous if you have never considered JavaScript as a possible attack vector. Without a binary to detect, inspect, or observe, some advanced malware defense tools will be useless.