Who needs coffee when you have the best of this week’s local security bloggers at your fingertips?
The featured blog post by Richard Bejtlich is sure to give you a jolt that’s espresso-worthy as he bashes the ISC’s take on incident response versus incident handling, and our favorite v-blogger Marcus J. Carey will have you seeing (and maybe even singing) the “grapevine” in a whole new way.
#3 – Don’t Trust the Grapevine: In his typical style, Marcus J. Carey opened his v-blog post “Heard It Through The Grapevine” with a real-life object/scenario (in this case, Marvin Gaye), and told his audience how it applies to security. It turns out that Gaye’s “Grapevine” has some hidden truths for security professionals about how to best deal with vendors. Drawing from the famous “Grapevine” lines, “people say believe half of what you see, son, and none of what you hear,” Marcus says the same should go for vendors: While they might show you a shiny new program that works perfectly on their network or equipment, there’s no guarantee that it’s going to work on yours. Our advice? Take the “bake sale” approach; pick the top three technologies you’re considering, ask for demos, set those demos up, and see how they actually work on your network and your equipment. But don’t just believe “what you hear;” be sure to watch the post for yourself.
#2 – Ready, Set, Enumerate: In his post “Maltego Part II – Infrastructure Enumeration,” Chris Gates (on the Ethical Hacker Network) discusses Infrastructure Footprinting, which he says is “essential for identifying possible systems for remote attacks.” While Gates has a lot of great text about how to successfully carry out Infrastructure Footprinting, it’s the detailed screenshots that accompany the text that make this article worth the read. While it’s always nice to have clear instructions on how to do something, pictures are always a definite plus (especially for those of us who are visual learners). But before you read Part II of Gates’s post, you might want to check out “Maltego Part I – Intro and Personal Recon” for background information.
#1 – ISC Smack Down: Okay, so it’s really more of a “bashing,” or a “difference of opinion.” But no matter what you call it, we like it; it’s nice to see strong opinions now and again. And in his post “Speaking of Incident Response,” Richard Bejtlich certainly has a difference of opinion when it comes to a recent article published by the ISC entitled “Incident Response vs. Incident Handling.” Bejtlich disagrees with the part of the ISC article that states “Incident Response is all of the technical components required in order to analyze and contain an incident,” and “Incident Handling is the logistics, communications, coordination, and planning functions needed in order to resolve an incident in a calm and efficient manner.” According to Bejtlich, “[t]hat’s not right, and never was.” While Bejtlich tried pointing this out to the ISC moderators, he didn’t get very far. If you’d like to learn more about the real definitions of Incident Response and Incident Handling, you can check out Bejtlich’s article here.
Well, all good things come to an end, and so do these posts. But no worries: We’ll be back next week to make sure that your Monday starts off with something a little more interesting than the pile of work in your inbox.
If you think that we missed a post that should have been in our top 3, be sure to leave a comment below or send us a tweet @grecs.
###
It’s not too late! If you’re looking to get back to the heart of security basics, SANS has the perfect event for you in the form of their Application Security Workshop – What Works? workshop on April 29th. The workshop will cover the best ways to counter common attacks through general know-how, products, services, and configurations. If you’re interested, visit the SANS section of our Help Us Help You page to sign up for this workshop.


