The difference between a vulnerability scanner and a SIEM

I heard an interesting question the other day: What’s the difference between a vulnerability scanner and a SIEM? Qualys and Nessus are examples of vulnerability scanners. ArcSight and Splunk are examples of SIEMs.

To a security practitioner, the tools couldn’t be much more different, but not everyone is a security practitioner.

On a basic, fundamental level, a vulnerability scanner deals in what’s missing in the environment and what could happen as a result of those things that are missing. A SIEM deals in what actually has happened and is happening.

How to get started in regulatory compliance

I had a search query about getting started in regulatory compliance, which I’ve written about before, but more from an organizational perspective. That won’t help you much from a career perspective.

I think most any CISSP will answer that question similarly, so I’ll take a stab at it.

Here’s a nice Linux tool: checkrestart

Tom Gatermann told me about a nice tool for Debian (and presumably Ubuntu) called checkrestart. Sometimes, even though you did an apt-get update and apt-get upgrade to bring your system up to date, you can still be running the out-of-date version of something. That’s the problem checkrestart helps you solve.

Linus Torvalds is right about “reasonable resolution”

Linus Torvalds is sick of the gimmicks, and he’s really sick of laptops sporting cheap 720p displays. He wants high-resolution (2560×1600, or even 2048×1536) displays to become standard.

Having seen an iPad with a 2048×1536 display in person recently, I agree.