CTO Tech Blogs

The latest information from NitroSecurity's office of the CTO.
Michael Leland, CTO of Security Management Solutions for NitroSecurity, blogs at SIEMblog, while Mel Shakir, CTO of Database Monitoring Solutions, blogs at LogDAM.
Getting the most out of a DAM
Thu, 25 Sep 2008
You may already know that the premise of a database activity monitoring (DAM) solution is to provide an audit log of database activity and detect or block database exploits & threats. This in itself covers several compliance, data privacy assurance & security use cases.
Corporations are realizing that the rich [...]
~ from CTO Tech Blog logdam.com
Good strategy requires strong tactics: Another look at DNS
Tue, 23 Sep 2008
In terms of overall security, devices such as database monitors (DBM) and intrusion prevention systems (IPS) are valuable and necessary tools, albeit tactical ones: they exist to provide fast detection, the blocking of more critical attacks, and alerting on others. As a part of an overall information management strategy, therefore, they’re a boon: they provide initial protection as well [...]
~ from CTO Tech Blog siemblog.com
Ask me no questions, I'll tell you no lies
Mon, 25 Aug 2008
Threats of DNS cache poisoning scare Internet security community into action.
It’s been just weeks since the announcement (http://www.doxpara.com/?p=1215) by Dan Kaminsky, Director of Penetration Testing at IOActive.com, that sent the entire Internet community abuzz. Kaminsky, along with IOActive’s Jason Larsen, identified and documented the potential exploit of the Domain Name System (DNS) facility whereby [...]
~ from CTO Tech Blog siemblog.com
Tracking user activity: Why it's necessary yet sometimes hard to do
Tue, 12 Aug 2008
If you are an IT application security professional it is quite likely that you have been recently asked to track user activity or find a tool that does exactly that.
Let’s hypothesize now that your organization has a bunch of custom applications that are fairly non-standard and utilize a myriad of development platforms - J2EE, .Net, [...]
~ from CTO Tech Blog logdam.com
A guide to successful SIEM deployment.
Mon, 11 Aug 2008
Security Information & Event Management - It seems to be all the rage these days. Implementations across every vertical market segment make promises ranging from enhanced analytics and forensic discovery to automated risk assessment and threat mitigation; products offering little more than log and event monitoring capabilities compete with those which promise full integration with [...]
~ from CTO Tech Blog siemblog.com
Can I get by without deploying a database activity monitoring (DAM) solution?
Tue, 22 Jul 2008
Can I get by without deploying a DAM solution?
I get this question often and as much as I’d like to say “Absolutely Not,” I’ll still say “Maybe”.
Every DBMS vendor out there (Oracle, Microsoft, Sybase, IBM …) offers some DAM features, at least in a more recent release. If the native DBMS solution meets your needs [...]
~ from CTO Tech Blog logdam.com
Unrestricted Data Collection for Maximum Compliance and Forensic Visibility
Thu, 20 Nov 2008
Determining which data sources to collect for use in a SIEM platform can sometimes be the most difficult deployment decision to make, both during the initial deployment and throughout the lifecycle of the platform. There are virtually limitless sources of relevant data throughout each and every enterprise; event and log sources ranging in scope from [...]
~ from CTO Tech Blog siemblog.com







