At Threat Stack, we develop security software, so it’s important to us that people have the technology they need to manage security issues in today’s business environment.
At the same time, we recognize the Human Factors. Even the best platforms are of limited value if employees don’t recognize or understand the multitude of security issues that surround them in the workplace; don’t understand security best practices; and don’t know how to respond when an incident occurs.
In previous posts, we’ve written about making every employee a security ambassador and talked about empowering them to participate in the process — but haven’t provided many specifics on how to do this.
So this post gives some practical guidance on how you can set up a Security Awareness Program in your organization. The goal is to stop treating security as a series of one-off events or activities that are handled by experts (often in reaction to incidents after they’ve taken place) and to create a proactive, pervasive culture where employees can recognize security risks and then take action on their own or escalate as appropriate.
Read more “4 Steps to Building a Security Awareness Program”
One of the first things any security practitioner will tell you to do is keep your software up to date. It’s the number one way to protect against exploits targeting known vulnerabilities. In fact, most attacks these days don’t use new or novel attack methods, or even recently discovered vulnerabilities to succeed. They often use vulnerabilities that are years old!
Now while it’s simple to say that everyone should just run the most recent versions of operating systems and packages, actually implementing this quickly becomes painful for a number of reasons.
Read more “Vulnerability Management: Navigating the Deep Dark Pit of Version Numbers”
Last Friday, multiple massive distributed denial of service (DDoS) attacks hit Dyn, an internet performance management company headquartered in New Hampshire. Dyn is a managed DNS provider to many of the large companies on the internet such as Twitter, Reddit, GitHub, PayPal, Spotify, Heroku, SoundCloud, Crunchbase, Netflix, Amazon, and others.
News surfaced over the following weekend that the Mirai IoT (internet of things) botnet was at least partially responsible for the attack, and according to Dyn, was generating traffic from “10s of millions of discrete IP addresses.”
Instead of rehashing details of how this could have occurred, we want to discuss botnet attacks as part of the new reality in our connected world, and as such, how device manufacturers and device users need to respond. We also want to take a look at the role that governments can or cannot play.
The cloud is very different from on-premise infrastructure in several key ways. Some of these differences become apparent when it comes to external attacks. To get to the core of how these attacks can unfold differently in the cloud (and how they are the same), Threat Stack recently hosted a webinar in which I interviewed security engineer Anthony Alves about the anatomy of a cloud attack.
Read more “Anatomy of an Attack: How the Cloud Gets Hacked”
Last week I spent two fantastic days in Washington, DC attending the AppSecUSA Conference on behalf of Threat Stack, one of the event’s Silver Sponsors.
When people think of the AppSec event, I assume the first thing that comes to mind is just that: Application Security. Given the fact that Threat Stack is more widely known for helping organizations protect their cloud environments, you might well ask why we took part in a show that’s not strictly dedicated to infrastructure security.
Great question, but as you’ll see, the answer is rooted in a match up between a rapidly evolving technology landscape and Threat Stack’s core mission.
Read more “A Look Back at AppSecUSA: From Application Security to DevOps and Beyond”