Latest Blogs

May 16, 2017 | Threat Detection and Hunt Teaming
By Marcus Ranum, IANS Faculty

 Building a Low-Interaction Honeypot on Linux

A low-interaction honeypot is a great threat detection tool, but it can be difficult to create and configure. In this Ask-an-Expert written response, IANS Faculty Marcus Ranum steps through the process of building a Linux-based honeypot with specific services, such as Telnet, SSH, etc.


May 12, 2017 | Malware and Advanced Threats
By Joff Thyer, IANS Faculty

 Blocking Adware to Reduce Risk and Improve Browser Performance

Adware is more than a nuisance; it's often a clever delivery mechanism for spyware and malware. How can organizations block it effectively without impacting the business? In this Ask-an-Expert written response, IANS Faculty Joff Thyer explains how adware works and recommends taking a multi-layered approach to mitigating the risk.


May 4, 2017 | Threat Intelligence and Modeling
By Adam Shostack, IANS Faculty

 Threat Modeling in an Agile Environment

Threat modeling can be seen as a heavy, complex set of tasks that gets cast aside as we move at the speed of Agile, but in reality, it helps make the shift faster. In this report, IANS Faculty Adam Shostack explains why threat modeling is important, addresses concerns about fitting threat modeling practices into an Agile world and highlights some traps to avoid along the way.


May 2, 2017 | Team Structure and Management
By Mike Saurbaugh, IANS Faculty

 Creating a Workable Security Ambassador Program

We all know the importance of getting the business actively involved in security, but what's the best way to go about it? In this Ask-an-Expert live interaction, IANS Faculty Mike Saurbaugh explains how to build a workable security ambassador program that can act as a force multiplier across the business.


April 28, 2017 | Penetration Testing and Red Teaming
By Kevin Johnson, IANS Faculty

 Drafting a Pen-Testing Request for Quote (RFQ)

Contracting with third parties for penetration tests -- against both internal and externally facing resources -- is an important part of security. But what is the best way to craft a request for quote? In this Ask-an-Expert written response, IANS Faculty Kevin Johnson examines a sample draft RFQ and offers recommendations to ensure all the bases are covered.


April 18, 2017 | Penetration Testing and Red Teaming
By Dave Kennedy, IANS Faculty

 Adversarial Simulations - Evolving Penetration Testing

Penetration testing has been given quite a few names over the past few years, including everything from “vulnerability scanning” all the way to “targeted and direct attacks” against organizations. This comes as attacker techniques themselves are shifting based on organizations adding more detection capabilities into their environments. In this webinar, IANS Faculty Dave Kennedy dives into some of the latest attack vectors and discusses why adversarial simulations are some of the most effective methods for building defenses within your organization. 


April 12, 2017 | Vulnerability Assessment and Management
By Josh More, IANS Faculty

 Managing the Vulnerability Exception Process

Vulnerability remediation can often seem like a three-way tug of war between operations, compliance and security. In this Ask-an-Expert written response, IANS Faculty Josh More details best practices for managing exceptions and keeping the whole process on track.


April 3, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q1 2017

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.


March 31, 2017 | DevOps Organization and Strategy
By Michael Pinch, IANS Faculty

 Making Threat Modeling an Integral Part of the Development Process

Threat modeling is a critical part of the mature software delivery process, especially in DevOps environments, but ensuring it's integrated effectively and seamlessly can be tricky. In this Ask-an-Expert written response, IANS Faculty Mike Pinch offers some tips for inserting threat modeling into the development process, along with some key tools to consider.


March 2, 2017 | Malware and Advanced Threats
By Ken Van Wyk, IANS Faculty

 Fake News: Fighting a Rampant Malware Delivery Mechanism

Due to its unprecedented success during the recent presidential election, fake news is increasingly being adopted by hackers as an elegant malware delivery mechanism, on par with spear-phishing email. In this report, IANS Faculty Ken Van Wyk details how fake news can be weaponized and offers some concrete steps to protect your company.


February 24, 2017 | Vulnerability Assessment and Management
By Kevin Beaver, IANS Faculty

 Assessing Vulnerability Scanning/Management Tools

When it comes to selecting a vulnerability scanning tool, it's often the level of service provided (and not technical capabilities) that separates the various solutions. In this Ask-an-Expert written response, IANS Faculty Kevin Beaver offers a breakdown of some of the key solutions in the space and details some important considerations for organizations in the process of choosing a vendor. 


February 23, 2017 | Malware and Advanced Threats
By Kevin Beaver, IANS Faculty

 Strategies for Thwarting State-Sponsored Hacks

State-sponsored attackers are, by definition, highly skilled and highly funded. How can we keep up? In this report, IANS Faculty Kevin Beaver details the challenges around state-sponsored hacking, including the threats, vulnerabilities and risks that must be addressed, starting today, if organizations are going to stay off their radar. 


February 3, 2017 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Helping Users Avoid Common Tax Scams

While some people anxiously await their tax refund, scammers are also waiting with bated breath for unsuspecting individuals to slip up and fall for one of their tactics. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh reviews some of the most common tax scams and offers some tips and proactive defenses to avoid getting 


January 26, 2017 | Threat Intelligence and Modeling
By Bill Dean, IANS Faculty

 Pros and Cons of CISA’s Threat-Sharing Program

With the passage of CISA and with DHS’ Automated Indicator Sharing (AIS) program getting up and running, organizations interested in sharing threat intelligence can now consider automating the process. How can they ensure their automated feed is scrubbed of PII and won’t leave them open to liability or privacy concerns? In this report, IANS Faculty Bill Dean offers tips for sharing threat indicators both automatically and safely.


January 25, 2017 | Mobile Access and Device Management
By Aaron Turner, IANS Faculty

 Preventing Phishing on Mobile Devices

Phishing attacks happen on every platform, but few anti-phishing tools are available for mobile. In this Ask-an-Expert live interaction, IANS Faculty Aaron Turner suggests some network-based controls that can help reduce the risk and underscores the need for mobile-focused user awareness training.


January 12, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q4 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.


January 10, 2017 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Moving From Security Awareness Toward Behavioral Change

There is no one-size-fits-all approach to security awareness, and the levels of your awareness program will vary based on department and the users' general knowledge of security. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh details certain steps you can take to bring your program from basic awareness to actual behavioral change, and offers tips for measuring the success of your security awareness program.


January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty

 Information Security Trends for 2017

2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.


November 7, 2016 | Malware and Advanced Threats
By Adam Ely, IANS Faculty

 Protecting Against the Latest Wave of DDoS Attacks

Now that Internet-of-Things (IoT)-based DDoS attacks are in the news, is it time to rethink your DDoS strategy? In this Ask-an-Expert live interaction, IANS Faculty Adam Ely outlines key strategies to implement at the network, server and operations level to defend against all types of DDoS attacks, even this latest iteration.


November 3, 2016 | Vulnerability Assessment and Management
By Michael Pinch, IANS Faculty

 Vulnerability Patching Policy Best Practices

Patching and vulnerability management can be a highly variable process depending on a number of factors, but there are some basic best practices that organizations can adhere to. In this Ask-an-Expert written response, IANS Faculty Mike Pinch details these best practices for vulnerability scanning and management, including for servers, endpoints and at the application level.


November 3, 2016 | Malware and Advanced Threats
By Michael Pinch, IANS Faculty

 Health Care Roundtable: Tackling Ransomware

Ransomware is a scourge across every vertical but it seems to have found a soft spot in health care. For this roundtable, IANS brought together a group of health care sector security executives to talk about the problems they face and the strategies they are using to get ahead of the ransomware issue.


October 27, 2016 | Insider Threats
By John Strand, IANS Faculty

 Going from Reactive to Proactive with Insider Threats

Honing your response to an insider threat is difficult enough, but building on the program to proactively identify and thwart potential malicious insiders is fraught with risk. In this Ask-an-Expert live interaction, IANS Faculty John Strand outlines the importance of partnering with HR, choosing the right tool set and funding the program adequately.


October 4, 2016 | Data Breaches
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q3 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.


September 29, 2016 | Threat Intelligence and Modeling
By Aaron Turner, IANS Faculty

 Breaking Down Cyber Threat Trends in Mexico

For organizations that operate in Mexico and Latin America, it's important to keep tabs on the current cyberthreat trends taking hold in these countries. In this live Ask-an-Expert response, IANS Faculty Aaron Turner details the current threat landscape in Mexico and Latin America, from ATM attacks to state-sponsored cybercrime.


September 21, 2016 | Insider Threats
By Bill Dean, IANS Faculty

 Insider Threats: Understanding the Risks

Insider threats can often pose a greater risk to an organization than external actors. In this Ask-an-Expert written response, IANS Faculty Bill Dean offers some key statistics regarding insider threats and provides a number of steps organizations can take to anticipate and prepare for the risks posed by insiders.


September 20, 2016 | Security Awareness, Phishing, Social Engineering
By Chris Gonsalves, IANS Director of Technology Research

 Recognizing, Protecting Against Social Media Threats

These days, enterprises need to be very aware of the fact that once information gets posted to a social site, it can never again be considered private. In this Ask-an-Expert written response, IANS Director of Technology Research Chris Gonsalves breaks down some of the common types of social media-related attacks organizations could face and offers a number of tips and features designed to combat these attacks.


August 18, 2016 | Security Awareness, Phishing, Social Engineering
By Kevin Beaver, IANS Faculty

 CEO Spoofing: Don't Get Fooled!

Austrian aerospace firm FACC fired its CEO after losing nearly €50 million when fraudsters posing as the CEO forced the finance department to approve multimillion-dollar payments. In this report, IANS Faculty Kevin Beaver explains how such scams work and offers tips to ensure your company doesn’t become the next victim.


August 15, 2016 | Threat Intelligence and Modeling
By Michael Pinch, IANS Faculty

 IANS Pragmatic Threat Modeling

IT Security has long been a practitioner of traditional risk assessments, but threat modeling brings an entirely new, attacker-centric view of your systems. Threat modeling methodologies have been around in many forms, but until now, there hasn't been a simple and time-effective way to operationalize them. In this webinar, IANS Faculty Mike Pinch delves into the IANS Pragmatic Threat Modeling Toolkit, designed to help jumpstart and evolve your organization's risk management efforts.


July 21, 2016 | Penetration Testing and Red Teaming
By Bill Dean, IANS Faculty

 Examining Top Penetration Testing Tools

As the features and functionality of vulnerability assessment and penetration tools continue to evolve, a number of vendors have begun to enter the space. In this Ask-an-Expert written response, IANS Faculty Bill Dean details the various open-source and commercial tools available and offers factors to consider for choosing the most effective solutions.


July 20, 2016 | Security Awareness, Phishing, Social Engineering
By Kati Rodzon, IANS Faculty

 Improving Security Awareness Training Through Gamification

Information security is not all fun and games… or is it? More and more, organizations are turning to gamification to boost the effectiveness of user security awareness training. In this webinar, IANS Faculty Katrina Rodzon discusses the key behavioral factors for successful gamified security training programs and explains how to set clear expectations for your program, identify user behaviors to target and manipulate the learning curve to maximize results.


July 7, 2016 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q2 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective. 


May 18, 2016 | Malware and Advanced Threats
By Kevin Beaver, IANS Faculty

 Rooting Out Ransomware

Hiding in everything from phishing emails, Office files, website ads and more, ransomware is fast becoming a real threat for many businesses. In this report, IANS Faculty Kevin Beaver examines ransomware’s latest attack vectors and offers concrete steps for rooting it out before it brings your business to a halt.


May 12, 2016 | Threat Intelligence and Modeling
By Diana Kelley, IANS Faculty

 Taking Your Threat Intelligence to the Next Level

Myriad security vendors offer threat-intelligence services they claim will keep your organization ahead of emerging threats. In this webinar, IANS Faculty Diana Kelley examines the threat intelligence landscape and reviews 10 questions every security team must answer before selecting an intelligence source.


April 12, 2016 | Security Awareness, Phishing, Social Engineering
By Kevin Johnson, IANS Faculty

 Justifying a Phishing Program to Top Management

Security organizations may know the worth of a good phishing awareness program, but how do they get top management on the same page? In this Ask-an-Expert live interaction, IANS Faculty Kevin Johnson offers three major justifications top execs will quickly understand and support.


April 1, 2016 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q1 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.


February 29, 2016 | Threat Intelligence and Modeling
By Aaron Turner, IANS Faculty

 Getting a Handle on the Emerging Threat Landscape

Commodity threat feeds are great at helping security organizations understand attacks that are happening now, but what about evolving threats six months out? In this Ask-an-Expert live interaction, IANS Faculty Aaron Turner provides some sources for longer-term intel and details emerging threats in business logic attacks, exploit behavior and exploit technology.


February 18, 2016 | Threat Detection and Hunt Teaming
By Joff Thyer, IANS Faculty

 How to Think Like an Attacker

With attackers continuing to find highly targeted ways to bypass defenses, security organizations are under more pressure than ever to "defend the castle." In this report, IANS Faculty Joff Thyer offers a number of steps for security teams to out-think potential attackers, from performing internal reconnaissance to educating users about the potential virtual threats they may encounter.


February 1, 2016 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Making Security a Focal Point for Employees

While many organizations consider employee security awareness training to be imperative, it can be difficult in practice to implement an effective program. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh explains that behavioral change should be a key focus in security awareness programs and recommends keeping the program simple, interesting and in sync with marketing efforts.


January 28, 2016 | Security Awareness, Phishing, Social Engineering
By Kati Rodzon, IANS Faculty

 Security Awareness: It's Not All Fun and Games – Or Is It?

More companies are looking to gamification for inspiration on how to design their security awareness program – but what is the best way to go about it? In this report, IANS Faculty Kati Rodzon explains the basics of gamification and shows how to leverage game-based goals, rewards and strategies to help make your security awareness training program more fun and effective.


January 22, 2016 | Penetration Testing and Red Teaming
By Adam Ely, IANS Faculty

 Tips for Holding a Successful Company-wide Red Team/Blue Team Exercise

Getting defensive-minded security staffers to think like attackers isn't easy, but participating in a well-run company red team/blue team exercise may help. In this Ask-an-Expert live interaction, IANS Faculty Adam Ely offers tips for organizing and administering a company-wide event that ensures participants not only stay engaged but actually learn something.


January 5, 2016 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q4 2015

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.


December 22, 2015 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Coordinating Phishing Exercises for Executives

Phishing attacks make up a significant percentage of all attempts at compromising organizations, and these attacks often target the executive team. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh offers recommendations and a template for building a phishing awareness program specifically tailored to executives.


December 17, 2015 | Security Awareness, Phishing, Social Engineering
By Adam Ely, IANS Faculty

 Reducing Analysis and Response Time on Suspected Phishing Email

Every security program wants users to report suspicious email to thwart potential phishing attempts. The problem comes when users start reporting legitimate email sent by internal departments and approved vendors. In this Ask-an-Expert interactive response, IANS Faculty Adam Ely offers some tools and strategies to help flag legitimate email and speed email analysis and response.


December 8, 2015 | Threat Intelligence and Modeling
By Paul Asadoorian, IANS Faculty

 Threat Intelligence: Stop Boiling the Ocean

With so much data and so many sources of threat intelligence, how can security teams know which to leverage and how? In this report, IANS Faculty Paul Asadoorian offers a run-down of what threat intelligence can (and can’t) do and highlights some tools and strategies mature security organizations can use to turn all that data into meaningful threat indicators.


November 30, 2015 | Threat Detection and Hunt Teaming
By Marcus Ranum, IANS Faculty

 Detailing Advanced Detection Techniques

Security teams are continually plagued by the problem of detecting malware and advanced threats. In this Ask-an-Expert written response, IANS Faculty Marcus Ranum details the potential benefits of a "soft whitelisting" approach and recommends combining a configuration management tool with AppLocker to generate useful logs.


October 30, 2015 | Vulnerability Assessment and Management
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q3 2015

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.


September 23, 2015 | Threat Intelligence and Modeling
By John Strand, IANS Faculty

 Tips for Pinpointing Threats in an Ocean of Data

Wading through reams of log data to discern actual threats is no easy feat. In this Ask-an-Expert written response, IANS Faculty John Strand suggests some tools and strategies that make the task a little easier so teams can spend less time looking for threats and more time eradicating them.


September 18, 2015 | Security Information and Event Management (SIEM) and Log Management
By Bill Dean, IANS Faculty

 Choosing the Right Commercial Threat Feed for a LogRhythm Environment

The benefits of threat intelligence are becoming increasingly clear for security professionals, but which feeds are the most effective when it comes to automating intelligence into a SIEM? In this Ask-an-Expert written response, IANS Faculty Bill Dean explains that when it comes to threat intelligence, organizations should focus on preventing targeted attacks, and lists a number of useful commercial and open-source threat feeds.


September 15, 2015 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Blocking Newly Registered Domains to Prevent Phishing Attacks

Mail traffic from newly registered domains is a common red flag for security leaders, as it often signals a phishing attack. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh outlines a number of options organizations can consider to reduce their susceptibility to this type of attack, including URL rewriting, integrated Web gateway, DLP and next-generation firewalls.


August 14, 2015 | Threat Detection and Hunt Teaming
By John Strand, IANS Faculty

 Recognizing a Slow Burn: Tips for Uncovering Slow, Stealthy Malware (Webinar Replay/Slides)

The most successful malware doesn’t announce its presence, but instead works to siphon away critical data in a slow trickle that’s difficult to alert on and identify. In this webinar, IANS Faculty John Strand details tried-and-true strategies for uncovering slow, stealthy malware, with a particular focus on hunt teaming.


August 10, 2015 | Vulnerability Assessment and Management
By Dave Shackleford, IANS Faculty

 Vulnerability Patching SLA Best Practices

Patch management is a fundamental security function, but it can be difficult for organizations to determine the appropriate timeframes for implementing these patches. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford explains the importance of software criticality rankings and details industry-standard patch rollout timeframes.
