7MS #483: Desperately Seeking a Super SIEM for SMBs - Part 2
7 Minute Security1 Syys 2021

7MS #483: Desperately Seeking a Super SIEM for SMBs - Part 2

Today we continue our series we started recently (part 1 is here about finding a super SIEM for SMBs. Specifically I have some updates on (and frustrations with) Arctic Wolf, Elastic, Milton Security and Perch Security.

Here's the TLDL version:

Arctic Wolf
They remain a strong contender in my bake-offs. They also could tick several boxes for an org as they offer continuous internal/external vulnerability scanning as well as a managed SOC. (And yes, I'm probably a tiny bit biased because I know a bunch of AWN's engineers and like the product)

Elastic
I've loved my interactions with the sales folks and engineers at Elastic. My initial trial had some technical speed bumps (which Elastic helped me remedy). I eventually did get some Elastic agents enrolled on endpoints in my lab. However, now that I'm up and running (and admittedly I should go through the Webinars and online training), I'm feeling overwhelmed. There's a jillion menus and submenus to explore. I feel like I've been given a high-performance sports car but completely lack the knowledge on how to make the most of it. I'll keep Elastic in my back pocket, but I don't think I can feel comfortable handing this dashboard over to a SMB IT/security staff and have them run with it.

Milton Security
A few weeks ago I had my first ever sales call with this group, and liked a lot of what I heard. They're up front about being a threat-hunt-as-a-service organization and they're not looking to partner with just any customer. The way they bundle sources of data (for the sake of pricing) makes sense to me, and although I haven't seen a formal quote from them yet, I think they will be reasonably priced when compared to some of the "big box" solutions.

Perch Security
After part 1 of this series, several of you pinged me and said to check out Perch Security. I'm very excited to connect with them but had a tough time getting someone to respond to my inquires (two weeks to be exact). Good news is I've got a call scheduled with them this week and am anxious to share what I learn about Perch on our next episode in this series.

Jaksot(683)

7MS #146: Friday Infosec News and Links Roundup

7MS #146: Friday Infosec News and Links Roundup

Here are some of my favorite stories and links for this week! If you missed last week's BURN IT ALL! Webcast, it's now online as a Youtube video. There is still time to register for the Real World Web Penetration Testing Webinar. It's(Thursday, January 28 @ 1 p.m. CST) and $25 (cheap!) Trustwave is in big trouble after failing to find hackers under their noses. Their noses mustreally hurt because Mandiant was quick to point out the work done by Trustwave was "woefully inadequate." I'm scared of IoT stuff. Why? Oh, I don't know, because what happens when your Nest fails and leaves your buttcheeks freezing cold?!?!? Or what if hackers steal your doorbell, and thus your wifi password and pwn your network? Thankfully, OWASP now now has a top 10 for IoT stuff too. A researcher found some clever ways to abuse Lastpass with an exploit called Lostpass. Lastpassresponded with a security change wherein a Lastpass authentication from a new device requires approval via email. A new Sysinternals tool helps figure out if you have shady, unsigned files in c:\windows\system32. Oh, and for sure upgrade all your iThings ASAP. Apple patched some ugly security holes.

23 Tammi 201610min

7MS #145: OFF-TOPIC - Sicario and The Walk

7MS #145: OFF-TOPIC - Sicario and The Walk

In today's off-topic episode I review two movies: Sicario and The Walk.

21 Tammi 20167min

7MS #144: Shoulder-Surfing with Seasoned Pentesters

7MS #144: Shoulder-Surfing with Seasoned Pentesters

I recently had the opportunity to shoulder-surf with some seasoned Webapp pentesters, and wanted to share what I learned about their tools, techniques and methodologies.

18 Tammi 20167min

7MS #143: Friday Infosec News and Links Roundup

7MS #143: Friday Infosec News and Links Roundup

Here are some of my fav' stories and links for this week! * Burn it all...The New Security Fundamentals **(Wednesday, January 20 @ 1 p.m. CST)**: a free Webinar on setting up the "*core technical things you need to do for your security program*." I've attended many Webinars from the BHIS group and they're always informative and humorous. * Real World Web Penetration Testing **(Thursday, January 28 @ 1 p.m. CST)**: a $25 Webinar on going through "*a real world penetration test. We will explore the methodology and procedures Secure Ideas follows as we test web applications. The course will also walk through some tricks and tips on how to focus your testing on likely flaws*." I have seen four of their recorded courses before and found them to be *absolutely* worth the money I spent, so I'm confident this upcoming session will be no exception. * Fortinet SSH backdoor not much to say except if you use any of the affected products, update immediately as they contain an SSH backdoor: * FortiOS v4.3.17 or any later version of FortiOS v4.3 (available as of July 9, 2014) * FortiOS v5.0.8 or any later version of FortiOS v5.0 (available as of July 28, 2014) * Any version of FortiOS v5.2 or v5.4 * Hacker sentenced to 334 years in prison for operating a phishing Web site similar to that of a legit banking Web site. Moral of the story? Don't do that. * Don't use IE 8, 9 or 10 anymore! unless you like to live dangerously.

15 Tammi 20168min

7MS #142: OFF-TOPIC - Media Servers and Making a Murderer

7MS #142: OFF-TOPIC - Media Servers and Making a Murderer

This off-topic episode covers: * Media servers - I'm a newb in this area and could use your help in setting up a config that actually works! * Making a Murderer - this is a fantastic documentary on Netflix. Stop what you're doing (once you listen to this episode) and watch *immediately* please.

13 Tammi 20168min

7MS #141: Happy (Belated) New Year!

7MS #141: Happy (Belated) New Year!

Happy (belated) new year! This episode is more of a "What am I listening to, a PBS telethon?!" kind of thing, and I'm sorry for that. But I want to cover: * Scheduling changes for 2016 - we're gonna be 3 times a week! * A new documentation project I'm working on called BPATTY (Brian's Pentesting and Technical Tips for You) * A way you can support the podcast financially.

11 Tammi 20168min

7MS #140: OFF-TOPIC - Video Games I'm Currently Playing

7MS #140: OFF-TOPIC - Video Games I'm Currently Playing

This episode talks about some cool video games I've been playing lately: * Metal Gear Solid Phantom Pain (Xbox 360) * Rise of the Tomb Raider (Xbox 360) * Luminocity (iPhone) * Super Mario Maker (Wii U) I recommend 'em all!

8 Tammi 20169min

7MS #139: Securing Your Life - Part 2

7MS #139: Securing Your Life - Part 2

Back in episode #93 I talked about securing your life - in other words, asking yourself "What would happen if I was dead right now? Do I have adequate insurance? Are my finances in order? How about estate planning?" This episode continues that train of thought, and I share some new changes I've made in my "life security" department.

8 Tammi 20168min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
ootsa-kuullut-tasta-2
aikalisa
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
politiikan-puskaradio
rss-vaalirankkurit-podcast
aihe
rikosmyytit
the-ulkopolitist
rss-mina-ukkola
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
rss-hyvaa-huomenta-bryssel
rss-kyselytunti
linda-maria
rss-aijat-hopottaa-podcast
rss-kovin-paikka
rss-kaikki-paskaksi-ystavat
rss-tyolinjalla-pekka-sauri
rss-raha-talous-ja-politiikka