Web Admin Blog

Real Web Admins. Real World Experience.

Entries for the ‘Security’ Category

My First Experiences with a Palo Alto Firewall

I’ve been following Palo Alto as a networking company for a couple of years now.  Their claim is that the days of the port-based firewall are dead and that their application-centric approach is a far better way to enforce your access controls.  Take the HTTP protocol for example.  HTTP typically runs as a service on […]

Rise of the Personal Firewall

The other day I read that Comcast is launching a new plan to turn home internet users into unwilling participants in their new global wifi strategy.  I’m sure that they will soon be touting how insanely awesome it will be to get “full strength” internet access virtually anywhere just by subscribing to this service.  Other […]

Analyzing NetFlow for Data Loss Detection

The 2014 Verizon Data Breach Investigation Report (DBIR) is out and it paints quite the gloomy picture of the world we live in today where cyber security is concerned.  With over 63,000 security incidents and 1,367 confirmed data breaches, the question is no longer if you get popped, but rather, when.  According to the report, […]

Rating Your Options for Password Policies and Access Management

Today I did an interesting experiment that I thought was worth sharing with others.  I tried to come up with a ten item list of password/access management policies based on increasing levels of security.  On my list, a “10” effectively means the most secure access management and password policies whereas a “0” effectively means nothing.  […]

Enterprise Risk Management for the Masses

A couple of years ago I decided, along with support from my management, that Enterprise Risk Management would become a focal point for my Information Security Program.  I was convinced that framing vulnerabilities in the form of risks was essential to giving management visibility into issues they currently didn’t know existed and to give our […]

Six Reasons Why Your Company Needs a Chief Information Security Officer (CISO)

I am going to start out here by saying that I do not now, nor have I ever, held the title of Chief Information Security Officer (CISO).  That having been said, I do effectively fill this role as the Information Security Program Owner for a large, $1B+ per year, public company.  Some of what follows […]

First Impression of LYNXeon 2.29

Let’s say that you go to the same restaurant at least once a week for an entire year.  The staff is always friendly, the menu always has something that sounds appealing, and the food is always good enough to keep you coming back for more.  The only real drawback is that it usually takes a […]

Combining Tools for Ultimate Malware Threat Intelligence

Last year I gave a talk at a number of different conferences called “The Magic of Symbiotic Security: Creating an Ecosystem of Security Systems” in which I spoke about how if we can break our security tools out of their silos, then they become far more useful.  Lately, I’ve been doing a lot of work […]

Lessons Learned from Participating in my First CTF

Yesterday I finished competing in my first ever Capture The Flag (CTF) tournament.  It was called Kommand and Kontroll Revenge of the Carders and was run by Rod Soto of Prolexic.  I’m going to caveat this post by saying that this was my first ever CTF competition so I have absolutely no baseline of comparison.  […]

Malware is Using TOR to Bypass Your Domain Blacklists

About a week ago I turned on a new rule on our IPS system that is designed to detect (and block) users who are using TOR to make their activities on our network anonymous.  You can say that TOR is about protecting a user’s privacy all you want, but I’d argue that while using corporate […]