At Threat Stack, we’re constantly exploring ways to advance cloud server forensics. We’re especially attentive to this as it’s an area of cloud security that’s becoming more critical since the attack vector of cloud is growing.
Forensic logs can lay out the scope of an attack that’s occurred on your servers, but getting to the bottom of what’s been done is usually much easier said than done. In fact, you can easily find yourself paying up to $600/hr for a security consultant to do this exact work if you don’t have the right tools in the first place. But what does it mean to have the right tools?
Do existing methods work?
Read more “Cloud Server Forensics Take Center Stage”
A tale of a suspicious Linux process (with a dash of dog food thrown in)
The other day my coworker informed me, “Hey, there’s a weird process making network connections on your box.” A dreaded string of words if there ever were any for the security-conscious developer.
Read more ““Yt? Seeing something odd in the logs…””
Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have security groups and protection capabilities. These ideologies are all too common and far too wrong. By using outsourced cloud infrastructure, you are only outsourcing your infrastructure, not your security. Security is always your responsibility.
Read more “Cloud Security Is Always Your Responsibility”
Since starting Threat Stack in November of 2012, it has been our mission to create the most powerful security monitoring and forensics platform built specifically for the cloud. Since then, we’ve been honored and humbled to work with many of the world’s top cloud and security providers and experts.
Now, we’re excited to announce that Richard Bejtlich, CSO of Mandiant, and Chris Wysopal, CTO and co-founder of Veracode, have joined the Threat Stack Advisory board.
Read more “Richard Bejtlich and Chris Wysopal Join Threat Stack Advisory Board”
If you think Rick Spickelmier is correct, you’re dead wrong.
Recently, an article in Pando Daily asserted that the “cloud” is secure — so, long live the cloud, stop worrying and learn to love the cloud. Right??
Read more “Cloud Security is Not a Binary Question”
Today, Virginia based cyber-security firm MANDIANT released a 60+ page intelligence report describing an Advanced Persistent Threat (APT) actor named APT-1 (others familiar with the group may know them as WebC2).
Read more “APT Intelligence Update”
Snorby Mobile 1.0.0 is now available in the app store. The mobile application will work with any Snorby install >= 2.5.3. Snorby Cloud (https://cloud.snorby.org) integration will be added in the next release making the process of adding multiple collection servers painless. Let us know what you think and if you have any suggestions.