1 min
Komand
EMEA Cybersecurity Event Calendars
For both professionals and those who are interested, attending events has become
a part of the norm in the cybersecurity space. We've helped security
professionals find events with both our U.S. and Asia cybersecurity event
calendars, and now we're expanding to EMEA.
If you want to gain valuable insight about the latest in cybersecurity outside
the US, we’ve put together a list of events throughout Europe, the Middle East,
and Africa. Don’t miss out!
Below, we feature 5 events you should defin
4 min
Log Management
What is Syslog?
This post has been written by Dr. Miao Wang, a Post-Doctoral Researcher at the
Performance Engineering Lab at University College Dublin.
This post is the first in a multi-part series of posts on the many options for
collecting and forwarding log data from different platforms and the pros and
cons of each. In this first post we will focus on Syslog, and will provide
background on the Syslog protocol.
What is Syslog?
Syslog has been around for a number of decades and provides a protocol used for
2 min
Javascript
What are Javascript Source Maps?
It's generally a good practice to minify and combine your assets (Javascript &
CSS) when deploying to production. This process reduces the size of your assets
and dramatically improves your website's load time.
Source maps create a map from these compressed asset files back to the source
files.
This source map allows you to debug and view the source code of your compressed
assets, as if you were actually working with the original CSS and Javascript
source code.
Take a look at jQuery minifi
3 min
Heroku Dynos Explained
What are Heroku Dynos?
If you've ever hosted an application on Heroku , the
popular platform as a service, you're likely at least aware of the existence of
“Dynos”. But what exactly are Heroku Dynos and why are they important?
As explained in Heroku's docs , Dynos are simply
lightweight Linux containers dedicated to running your application processes. At
the most basic level, a newly deployed app to Heroku will be supported by one
Dyno for
4 min
Container Security
Modern Network Coverage and Container Security in InsightVM
For a long time, the concept of “infrastructure” remained relatively unchanged:
Firewalls, routers, servers, desktops, and so on make up the majority of your
network. Yet over the last few years, the tides have begun to shift.
Virtualization is now ubiquitous, giving employees tremendous leeway in their
ability to spin up and take down new machines at will. Large chunks of critical
processes and applications run in cloud services like Amazon Web Services (AWS)
and Microsoft Azure. Containers hav
3 min
Log Management
Active vs. Passive Server Monitoring
Server monitoring is a
requirement, not a choice. It is used for your entire software stack, web-based
enterprise suites, custom applications, e-commerce sites, local area networks,
etc. Unmonitored servers are lost opportunities for optimization, difficult to
maintain, more unpredictable, and more prone to failure.
While it is very likely that your team has a log management and analysis
initiative
5 min
Automation and Orchestration
How to Install and Configure Tripwire IDS on CentOS 7
Synopsis
Tripwire is a most popular host-based intrusion detection system that
continuously tracks your critical system files and reports under control if they
have been destroyed. Tripwire agents monitor Linux systems to detect and report
any unauthorized changes to files and directories including permissions,
internal file changes, and timestamp details.
Tripwire works by scanning the file system and stores information on each file
scanned in a database. If changes are found between the store
5 min
Automation and Orchestration
How to Install and Configure CSF Firewall on Ubuntu Linux
Synopsis
CSF also known as Config Server Firewall is a free and open source advance
firewall application suite base on iptables that provides additional security to
your server. CSF comes with additional security features, such as ssh, su login
detection and also recognizes a lot of different types of attack like SYN flood,
port scan, DOS and brute force. CSF supports most of common used operating
systems like CentOS, openSUSE, RedHat, CloudLinux, Fedora, Slackware, Ubuntu and
Debian. You can ea
4 min
Automation and Orchestration
ISO/IEC 27035-2 Review (cont.) - Improving Incident Response Plan; Awareness/Training Role
Synopsis
In the series of articles titled “Incident Response Life Cycle in NIST and ISO
standards” I review incident response life cycle, as defined and described in
NIST and ISO standards related to incident management.
I introduced these standards in the first article in this series
.
ISO/IEC 27035 is a multi-part standard. Its first part introduces incident
management principles. Its second part, ISO/IEC 27035-2, g
4 min
Automation and Orchestration
ISO/IEC 27035-2 Review (cont.) - SOPs, Trust and the Incident Response Team
Synopsis
In the series of articles titled “Incident Response Life Cycle in NIST and ISO
standards” I review incident response life cycle, as defined and described in
NIST and ISO standards related to incident management.
I introduced these standards in the first article in this series
.
ISO/IEC 27035 is a multi-part standard. Its first part introduces incident
management principles. Its second part, ISO/IEC 27035-2, g
4 min
Metasploit
EternalBlue: Metasploit Module for MS17-010
This week's release of Metasploit
includes a scanner and exploit module for the EternalBlue vulnerability, which
made headlines a couple of weeks ago when hacking group, the Shadow Brokers,
disclosed a trove of alleged NSA exploits
. Included among them, EternalBlue, exploits MS17-010
, a
Wi
1 min
Python
Recent Python Meterpreter Improvements
The Python Meterpreter
has received
quite a few improvements this year. In order to generate consistent results, we
now use the same technique to determine the Windows version in both the Windows
and Python instances of Meterpreter. Additionally, the native system language is
now populated in the output of the sysinfo command. This makes it easier to
identify and work with international systems.
The largest change to the Python M
4 min
Automation and Orchestration
What is Security Automation?
Security has always been a numbers game. Time to detection and time to response
have been metrics security teams have sought to reduce since the beginning of
time (or at least the beginning of computers…). But what does it take to
actually reduce that number?
If you’re reading this, we’re guessing you’re no stranger to the challenges in
the world of security today. Between the security talent gap
and
the rapid prolifer
5 min
CIS Controls
The CIS Critical Controls Explained - Control 7: Email and Web browser protection
This blog is a continuation of our blog post series around the CIS Critical
Controls
.
The biggest threat surface in any organization is its workstations. This is the
reason so many of the CIS Critical Security Controls
relate to
workstation and user-focused endpoint security. It is also the reason that
workstation security is a multibill
2 min
Vulnerability Management
CVE-2017-5242: Nexpose/InsightVM Virtual Appliance Duplicate SSH Host Key
Today, Rapid7 is notifying Nexpose
and InsightVM users of a
vulnerability that affects certain virtual appliances. While this issue is
relatively low severity, we want to make sure that our customers have all the
information they need to make informed security decisions regarding their
networks. If you are a Rapid7 customer who has any questions about this issue,
please don't hesitate to contact your custome