
Recent Blogs & Podcasts

21 Results for: "Marcus Ranum"

 



September 21, 2017 | Threat Detection and Hunt Teaming
By Marcus Ranum, IANS Faculty

 Honeypots: Don’t Bar the Window; Be the Window

One of the best ways to detect someone climbing into your window is to instrument the window. It’s a different way of thinking about the problem of “too many alerts” in your operations center: narrow the alerts down to activities you don’t expect to see occur. In this report, IANS Faculty Marcus Ranum explains how to cut through the noise with targeted alerts and offers tips and tricks to ensure that your honeypot management doesn’t become a nightmare. 



July 31, 2017 | Incident Investigations, Handling and Tracking
By IANS Faculty, IANS Faculty

 Poll: Is It Better to Shut Down/Disconnect a Suspected Malware-Infected Device or Leave It Running?

When malware strikes, ensuring employees know and take the right steps immediately can make all the difference. In this report, IANS Faculty Mark Clancy, Dave Kennedy, Aaron Turner and Marcus Ranum weigh in on whether employees' first step should be to shut down the infected machine or contact security. 



July 17, 2017 | Incident Response Planning
By Marcus Ranum, IANS Faculty

 Best Practices for Dynamic Business Unit Isolation

When malware strikes, many companies rush to isolate their critical business units from potentially infected corporate resources, but what are the best ways to go about this? In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum suggests scaling the separation level to match the threat, and pre-positioning key tools to ease after-separation monitoring and response.



July 14, 2017 | Endpoints
By Marcus Ranum, IANS Faculty

 Navigate the Changing Landscape of ‘Next-Gen’ Antivirus and Endpoint Protection

From OSX to iOS and Windows XP to Windows 10, there is a very broad expanse of territory that has to be covered from an endpoint security perspective these days. In this report, IANS Faculty Marcus Ranum offers suggested investments in endpoint security over the next 24 months, and gives tips for evaluating all of the new “next-gen AV” products on the market today. 



May 16, 2017 | Threat Detection and Hunt Teaming
By Marcus Ranum, IANS Faculty

 Building a Low-Interaction Honeypot on Linux

A low-interaction honeypot is a great threat detection tool, but it can be difficult to create and configure. In this Ask-an-Expert written response, IANS Faculty Marcus Ranum steps through the process of building a Linux-based honeypot with specific services, such as Telnet, SSH, etc.



April 7, 2017 | Password Management
By IANS Faculty, IANS Faculty

 Poll: What Are the Best Password Strategies?

Password guidelines seem to change all the time. With new recommendations from NIST and vendors like Microsoft cropping up, how can enterprises determine the best approach? In this Faculty Viewpoint report, IANS Faculty Rich Guida, John Galda, Jason Gillam, Kevin Beaver, Marcus Ranum and Stephen McHenry offer their opinions and some rules of thumb for creating strong, enforceable password policies.



March 10, 2017 | Architecture, Configuration and Segmentation
By Marcus Ranum, IANS Faculty,
     Ron Dilley, IANS Faculty

 Securing Your Network With Overlapping Controls

Many security practitioners complain about being flooded with alerts and vulnerabilities, because they don't get to design their systems so that the alerts are useful. Segmentation is one of many techniques these practitioners can use to manage alerts and reduce breach impact. In this webinar, IANS Faculty Marcus Ranum and Ron Dilley describe a model for administratively breaking your network apart into management "zones" that can be analyzed and secured separately.



June 24, 2016 | Risk Management
By Marcus Ranum, IANS Faculty,
     Aaron Turner, IANS Faculty,
     Kevin Beaver, IANS Faculty

 Poll: Can a FICO Score for Enterprise Security Work?

We are all familiar with the FICO score for rating consumer credit-worthiness, but what about a FICO score for enterprise security? In this report, IANS Faculty Marcus Ranum, Aaron Turner and Kevin Beaver discuss whether FICO's plans to leverage its QuadMetrics acquisition to produce such a metric make sense.



June 2, 2016 | Networking and Network Devices
By Marcus Ranum, IANS Faculty

 From Tools to Understanding: Reinventing Security

Let’s face it: Current security practices just aren't working. Patching – and playing whack-a-mole with malware – is an endless, grinding failure. In this report, IANS Faculty Marcus Ranum introduces a completely new model for building secured networks from the ground up and uses real-world examples to show how putting in some hard work upfront can pay big security dividends.
