The Common Vulnerabilities and Exposures (CVE) system is a critical tool for the cybersecurity industry. CVEs provide consistency in naming and clarity on the nature and impact of various vulnerabilities. In this week’s Linux Security Podcast, Atomicorp CEO Mike Shinn discusses the origin and management of the CVE process, how it’s used by cybersecurity professionals […]
The Efail vulnerability has been in the news and has many people rushing to remove encryption from their email clients. The security vulnerability does impact S/MIME and PGP users, but only a subset. That means a lot of people are removing encryption from their email unnecessarily and putting themselves at risk. Atomicorp CEO Mike Shinn […]
The Equifax data breach quickly arose to become one of the most notorious in history. It was large. Over 147 million people had their financial records exposed to hackers. At least as of March 2018 that was the number. It has been revised upward a number of times and there could be more. The data […]
Web application firewalls (WAFs) have become ubiquitous in our always connected, cloud-driven world. Any device that is exposed to the internet is vulnerable and WAFs can eliminate the risk of entire classes of attacks and vulnerabilities from ever threatening system security. However, not all WAFs and configurations are created equal. Good WAFs block what you […]
Atomicorp’s CEO Mike Shinn walks through his experience with logging, SIEM and OSSEC approaches. He breaks down what is important and how the logging space has evolved over the past 20 years from a security perspective, including the introduction of security automation. Log-based Intrusion Detection System – LIDS Log-based intrusion detection (LIDS) was one of […]
It is not an overstatement to say that the Meltdown and Spectre vulnerabilities were a surprise to the security and microprocessor industries. Chip-level vulnerabilities this severe are rare. Part of the issue stemmed from the fact that the vulnerabilities were created by engineering choices designed to improve microprocessor speed. The engineers had simply not contemplated […]
File Integrity Monitoring is designed to notify you when files have changed on a system. It was one of the very first security detection capabilities in existence and is almost as old as passwords. FIM for PCI DSS Compliance and Other Security Protocols FIM has also been incorporated into many regulatory and security protocols. Mike […]
A Brute Force Attack is one of the oldest cyber attacks. It was even featured in the 1980’s thriller, War Games. In this episode, Mike Shinn walks through how a Brute Force Attack works, reviews some different flavors of attacks and how to defend against them Atomicorp provides unified workload security for cloud, data center […]
File Integrity Monitoring is the process of validating the integrity of operating system or application software files using a verification method based on the comparison of the current file state and a known good baseline. Dan Parriott is an OSSEC contributor who has been using the open source solution since 2006. He is a self-proclaimed […]
One of the most common questions open source project manager Scott Shinn gets about OSSEC is: Is there a management console or GUI for OSSEC? The answer is not in a traditional sense. The command line interface is effective but does not provide log and event visualization. But the open-source security solution does allow users […]