Anatomy of an Energy Sector Attack
The Alert Logic Security Research Team’s Stephen Coty explains the threats to the energy sector in this three-part video blog.
Part 1: Information Security in the Energy Sector
Part 2: Anatomy of an Attack in the Energy Sector
Part 3: Attack Data in the Energy Sector
Alert Logic named A Cool Vendor in Security: Security Services, 2013
Alert Logic announced it has been included in the list of “Cool Vendors” in the Cool Vendors in Security: Security Services, 2013 report by Gartner, Inc.¹ The report analyzed Alert Logic’s innovative business model, the company’s multiple independent Security-as-a-Service solutions and its cloud-based architecture. You can view the report here.
Anatomy of a Web App Attack
The Security Research Team’s Tyler Borland explains the anatomy of a web app attack in the latest video blog from Alert Logic.
Building security into the cloud
In this video, Urvish Vashi, vice president of marketing at Alert Logic, visits the SC Magazine offices to chat with executive editor, Dan Kaplan, about recent developments in cloud security.
As the cloud has grown in popularity with enterprises over the years, companies have had a tough time overcoming some of the trust issues of moving some data to the cloud. However, as security increases, they are more likely to make the move. Security and loss of control are two concerns that organizations raise before moving their assets to the cloud, but according to Vashi the security industry solves those issues over time for its customers.
Data Correlation & Log Management
Why Log Management?
Nearly all customers understand the importance of security technologies like network firewall and antivirus software. But they’re not always as informed about the importance of log management. How do you explain to a customer why log management should be part of their solution?
Log management and log analytics are growing ever more important for security and compliance, as well as for forensic and investigative capabilities. Customers with compliance requirements have a clear need, but all customers can use log management to detect and investigate security incidents such as data theft or unauthorized access to confidential information.
With a multitude of components such as application servers, operating systems, domain controllers, and network and security devices generating millions of log events, organizations struggle to identify which logs to collect and how to manage the high volume of data they produce. A log management solution will help a customer organize and convert millions of lines of raw data into normalized data that can be better mined to correlate various events that may seem independent of each other. A simple look at even a randomly selected section of this data stream will enable troubleshooting the roots of a complex IT problem or identifying security and access vulnerabilities.
Of course, reviewing log data requires expertise and discipline, often a challenge for overextended IT staff. Supplementing log management with the expert review of logs enables quick identification of the events that indicate problems, such as incorrectly set policies and configurations. For compliance-oriented customers, review of logs by an external team—not the one that manages system configuration—qualifies as separation of duties in the eyes of an external auditor.
Regular review and analysis of log data is a security best practice worth discussing with customers even when they don’t have compliance requirements. For those who know the value of log management but are struggling with it, Alert Logic’s white paper on Log Management Best Practices (http://alrt.co/VmYt7X) is a good resource. If you need help starting log management conversations with your customers, talk to your Alert Logic account manager for help.
“The Forrester Wave™: Emerging Managed Security Service Providers, Q1 2013”, January 2013, identifies, researches, analyzes and scores the 10 most significant providers in the MSSP market category.
Alert Logic’s Security Research Director discusses anomalous behavior through NetFlow collection.
For more information on anomaly detection, visit our blog posting, Anomaly Detection Emerges as a New Approach to Threat Management.
Security Intelligence Newsletter Archive
1st Quarter 2012: Can You Have Application Availability Without Security?
2nd Quarter 2012: Top Threats for Service Providers
3rd Quarter 2012: OWASP: Shedding Light on Web Application Security
1st Quarter 2013: Why Log Management
3rd Quarter 2013: Leveraging Analyst Validation in Your Security Sales
¹ Gartner “Cool Vendors in Security: Security Services, 2013” by Ray Wagner, Neil MacDonald, Joseph Feiman, Ruggero Contu, Peter Firstbrook, Jay Heiser, April 19, 2013. Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.