SANS Information Security Reading Room
25 Computer Security Papers added to the Reading Room

Enhancing incident response through forensic, memory analysis and malware sandboxing techniques
Thu, 17 Apr 2014 00:00:00 +0000
daily, there are reports of successful data breaches and new threat vectors including compromised systems or vulnerable software.

Windows ShellBags Forensics in Depth
Thu, 17 Apr 2014 00:00:00 +0000
Windows records the view preferences of folders and Desktop.

Rootkit Detection with OSSEC
Thu, 17 Apr 2014 00:00:00 +0000
malware consists of a malicious application that gets installed on a victim's computer.

The Hacker Always Gets Through
Tue, 15 Apr 2014 00:00:00 +0000
early 2010, security analysts started noticing something really interesting.

Exploiting Embedded Devices
Thu, 03 Apr 2014 00:00:00 +0000
majority of routers operate using a form of embedded Linux OS. This is an advantage to the majority of penetration testers as Linux is likely to be a familiar platform to work with; however the distributions that routers tend to run are very optimised, and as such the entire firmware for a router is generally only a few Megabytes in size.

Implementation and use of DNS RPZ in malware and phishing defence
Thu, 03 Apr 2014 00:00:00 +0000
organisations, large and small, have a need for outbound content filtering.

Bridging the Gantt
Thu, 27 Mar 2014 00:00:00 +0000
Project Management (PM) novices, the Gantt chart is often seen as the central tool of the project management process.

An Architecture for Implementing Enterprise Multifactor Authentication with Open Source Tools
Thu, 27 Mar 2014 00:00:00 +0000
are all familiar with how password authentication works as we log into dozens of systems each day to check email or view bank account balance.

Framework for building a Comprehensive Enterprise Security Patch Management Program
Thu, 27 Mar 2014 00:00:00 +0000
concept of a patch is pretty straight forward and broadly understood. In business terms, patching is a form of quality control and defect repair.

Understanding what Service Organizations are trying to SSAE
Thu, 27 Mar 2014 00:00:00 +0000
, many companies are choosing to perform common business functions like Finance, Human Resources, Legal, Sales, and Procurement with the use of information systems that reside remotely at a vendor.

Free and Open Source Project Management Tools
Thu, 27 Mar 2014 00:00:00 +0000
management has been around for millennia. In the book of Genesis, Noah is given the Ark project (Genesis 6:11-21, New International Version).

Rapid Triage: Automated System Intrusion Discovery with Python
Thu, 27 Mar 2014 00:00:00 +0000
are six major incident handling phases typically used to manage information security incidents: preparation, identification, containment, eradication, recovery, and lessons learned.

How to Win Friends and Remediate Vulnerabilities
Thu, 27 Mar 2014 00:00:00 +0000
today's era of rapid release development projects, finding vulnerabilities is not difficult.

Building and Managing a PKI Solution for Small and Medium Size Business
Thu, 27 Mar 2014 00:00:00 +0000
use of Public Key Infrastructure (PKI) can be an effective way to meet business, regulatory, and compliance requirements.

SOHO Remote Access VPN. Easy as Pie, Raspberry Pi...
Tue, 25 Mar 2014 00:00:00 +0000
, unencrypted Wireless Access Points (WAPs) have proliferated and are now found in various locations including restaurants, libraries, schools, hotels, airports, etc.

Inside Mac Security
Wed, 19 Mar 2014 00:00:00 +0000
, Inc.'s OS X family is both the result of decades of operating system development and a collection of systems and features from many other systems combined with many unique ideas and implementations.

Implementing IEEE 802.1x for Wired Networks
Fri, 14 Mar 2014 00:00:00 +0000
companies do not have an extra of security layer in place when client computers are connecting to a wired network.

Simulating Cyber Operations: A Cyber Security Training Framework
Mon, 10 Mar 2014 00:00:00 +0000
current shortage (Finkle & Randewich, 2012) of trained and experienced Cyber Operations Specialist coupled with the increasing threat (Sophos, 2013) posed by targeted attacks (Verizon, 2013) suggest more effective training methods must be considered.

Repurposing Network Tools to Inspect File Systems
Thu, 27 Feb 2014 00:00:00 +0000
forensics can be a laborious and multi-step process. Some of the initial steps in digital forensics include: Data Reduction, Anti-Virus checks, and an Indicator of Compromise (IOC) search.

Integrating Wired and Wireless IDS Data
Tue, 11 Feb 2014 00:00:00 +0000
to Gartner, smart phones and other mobile computing devices are rapidly replacing personal computers.

Using the Department of Defense Architecture Framework to Develop Security Requirements
Mon, 10 Feb 2014 00:00:00 +0000
architectures embody the discernable parts of a system and their relationships with each other in a single, normalized data repository.

Using Open Source Reconnaissance Tools for Business Partner Vulnerability Assessment
Fri, 31 Jan 2014 00:00:00 +0000
businesses, no matter what their goals, depend on a network of contacts to survive and grow.

An Early Malware Detection, Correlation, and Incident Response System with Case Studies
Mon, 20 Jan 2014 00:00:00 +0000
"The complexity of software is an essential property, not an accidental one" (Brooks, 1987).

An Approach to Detect Malware Call-Home Activities
Fri, 17 Jan 2014 00:00:00 +0000
the internal network of a large organization, there may be a number of security measures or products in place, such as anti-virus, security patch management, Intrusion Prevention Systems (IPS), Firewalls, etc., and there is still some malware that goes undetected.

Active Security Or: How I learned to stop worrying and use IPS with Incident handling
Tue, 14 Jan 2014 00:00:00 +0000
the obvious nomenclature for viruses and worms, several lessons can also be gleaned from the world of epidemiology and applied to information security.