http://blog.triumfant.com A Blog About Cyber Security and All Things Triumfant Wed, 09 May 2012 14:19:22 +0000 hourly 1 http://wordpress.com/ http://blog.triumfant.com/2012/05/02/2011-the-year-we-recognized-we-were-getting-breached/#comment-3847 Wed, 09 May 2012 14:19:22 +0000 http://blog.triumfant.com/?p=1266#comment-3847 [...] SCAP/FDCC Compliance ← 2011 – The Year We Recognized We Were Getting Breached [...]

]]> http://blog.triumfant.com/2010/04/26/antivirus-detection-rates-undetected-attacks-are-still-attacks/#comment-3846 Wed, 09 May 2012 14:19:20 +0000 http://blog.triumfant.com/?p=694#comment-3846 [...] not know.  And what we do not know is the proportion between detected and undetected breaches.  I raised a similar question in a blog post about malware detection rates tow years ago and noted that an undetected attack is still an attack, [...]

]]> http://blog.triumfant.com/2012/04/30/detection-is-the-horse-investigation-is-the-cart-use-in-that-order/#comment-3845 Wed, 09 May 2012 14:19:18 +0000 http://blog.triumfant.com/?p=1256#comment-3845 [...] the question because I really study the reports and use the presented statistics to support my points about Triumfant so I am not spreading FUD.  Foghorn would likely say that I am ”more mixed up than a [...]

]]> http://blog.triumfant.com/2011/07/21/einstein-could-smell-the-coffee-can-you/#comment-3836 Wed, 02 May 2012 13:10:44 +0000 http://blog.triumfant.com/?p=987#comment-3836 [...] “The Year We Woke up and Smelled the Coffee” or [...]

]]> http://blog.triumfant.com/2012/04/26/incident-detection-then-incident-response/#comment-3826 Sun, 29 Apr 2012 06:23:27 +0000 http://blog.triumfant.com/?p=1249#comment-3826 Nice article. I would be curious to hear what your solutions are? You seem to take aim at a lot of the vendors/companies, but offer no possible solutions. You also mention, “This is not a good strategy”. Can you suggest a better one? These kind of articles are great, but offer little value. Could it be that the security vendors rely on signatures for detection, and behavioral IDSs are mediocre at best? It would be great if you wrote a Part II and offered some possible solutions. So we need AI systems to predict future methods of attacks it seems like, or vendors to “tip and queue” each other real time so they can learn from each other.

]]> http://blog.triumfant.com/2011/09/12/certificate-authorities-hacked-so-who-can-you-trust/#comment-3741 Fri, 16 Mar 2012 12:32:54 +0000 http://blog.triumfant.com/?p=1003#comment-3741 [...] With the RSA breach and other certificate authorities being hacked, the foundation of trust was already showing cracks.  Now we see examples of how trust can be subverted using this [...]

]]> http://blog.triumfant.com/2012/02/14/organizations_are_not_prepared_for_the_inevitable_breach/#comment-3740 Fri, 16 Mar 2012 12:32:49 +0000 http://blog.triumfant.com/?p=1197#comment-3740 [...] what, Triumfant guy, exactly gets through my shields?  You tell me I will be breached and you give me statistics, but I have AV, whitelisting, deep packet inspection, and every other acronym and buzzword in [...]

]]> http://blog.triumfant.com/2011/11/07/nitro-duqu-poison-ivy-video-proof-and-the-advanced-persistent-threat-as-industrial-espionage/#comment-3734 Tue, 13 Mar 2012 13:13:48 +0000 http://blog.triumfant.com/?p=1094#comment-3734 [...] network where they can, and then stealthily move about until they find what they need.  And new Advanced Persistent Threats like Duqu illustrate that hackers are now using sophisticated attacks to gather all manner of information to [...]

]]> http://blog.triumfant.com/2012/01/20/hearing_the_sound-_of_inevitability/#comment-3733 Tue, 13 Mar 2012 13:13:44 +0000 http://blog.triumfant.com/?p=1158#comment-3733 [...] In short, they turn the outsider into an insider.  This of course is not news to those in infosec, but to the people we serve, this is an idea they are still wrapping their head around these sophisticated targeted attacks. [...]

]]> http://blog.triumfant.com/2012/03/06/smell_a_rat_proving_a_point_about_breaches/#comment-3732 Tue, 13 Mar 2012 13:13:42 +0000 http://blog.triumfant.com/?p=1221#comment-3732 [...] SCAP/FDCC Compliance ← I Smell a RAT – Breaking Into Your House to Prove a Point About Breaches [...]

]]>