The Realities of Hybrid Computing Today & How to Stay Secure

As we hurtle into the future, it often seems that talk in the tech media revolves around cloud computing. But the reality for many companies, especially larger enterprises, is that the transition to the cloud is going to take time. In many cases, today’s environments are more of a hybrid — with some assets residing in the cloud, while others are firmly on-premise, and still more are in a state of transition. Regardless of where your organization is on this continuum, security needs to go right along with it.

The good news is that there’s no need to sacrifice security — or visibility — because some or all of your resources remain on-prem. Read more “The Realities of Hybrid Computing Today & How to Stay Secure”

The Linux “Grinch” Vulnerability: Separating Fact From FUD

Recently, a security firm reported what they claimed to be a flaw with a major impact on organizations running Linux. (And apparently since all the rage these days is to give bugs code names, they pre-seeded the market with this timely one: “grinch”).

Linux software bugs have been huge this year, leaving administrators reeling to patch themselves from Shellshock, Heartbleed, POODLE, etc. With claims that this vulnerability could have an impact similar to Shellshock, I really wanted to dive into what the “grinch” bug means in order to separate the fact from the FUD.

Read more “The Linux “Grinch” Vulnerability: Separating Fact From FUD”

Threat Stack vs. Red Hat Auditd Showdown

One of things we like at Threat Stack is magic.  But since magic isn’t real, we have to come up with the next best thing, so we’ve hired one of the libevent maintainers Mark Ellzey Thomas (we like to call him our ‘mad kernel scientist’) to make our agent the best in its class. 

Many of the more savvy operations and security people that use our service are blown away by the types of information we can collect, correlate, and analyze from Linux servers. They say something to the effect of, “I’ve tried to do this with (Red Hat) auditd, with little to no success… how do you guys do it?”  

Read more “Threat Stack vs. Red Hat Auditd Showdown”

Our new Snorby Cloud sensor setup is amazing

When Dustin developed and launched Snorby in 2009, he had a vision of creating an application that made the process of analyzing and classifying events accessible as simple as possible for analysts. While this helped make NSM accessible to more people, the process of actually deploying the sensor infrastructure remains cumbersome.

Read more “Our new Snorby Cloud sensor setup is amazing”