security Archives - Page 2 of 58 - The Silicon Underground

Home » security » Page 2

What does secured mean for Internet access?

Dave Farquhar security September 9, 2019October 11, 2019 0 Comment

Both Windows and your web browser go out of their way to tell you if your Internet connection is secured, or not secured. Secured certainly sounds better than not secured. But what does secured mean for Internet access? Let’s talk about it.

“Secured” is a friendly word to say your network connection is encrypted. But what that means, exactly, depends on whether it’s your web browser or your operating system saying the connection is secure. The most important thing to remember is that in this case, your browser can compensate for Windows, but Windows can’t compensate for the browser.

Confirmed vs potential vulnerabilities in Qualys

Dave Farquhar security September 5, 2019August 11, 2019 0 Comment

When you’re looking at a vulnerability scan, you may find several types of line items on the report. Two of them are confirmed and potential vulnerabilities. Let’s take a look at confirmed vs potential vulnerabilities in Qualys.

Potential vulnerabilities are incomplete, in that they show an indication of vulnerability, but not enough for Qualys to confirm it. Confirmed vulnerabilities are more reliable, as Qualys was able to pinpoint a vulnerable file or setting on the system. In some scan results, Qualys refers to potential vulnerabilities as “practice.” As far as Qualys is concerned, practice and potential are interchangeable terms.

Is USB blocking misguided security?

Dave Farquhar security August 29, 2019October 11, 2019 0 Comment

Blocking USB ports on corporate computers certainly is an inconvenience. But it’s something many companies do in the name of security. The question is, is USB blocking misguided security? Does it solve a problem, or just create others?

There are serious security concerns with USB devices, besides the danger of people copying huge troves of corporate data onto a USB stick and taking that information with them. That’s why many companies, and the government, limit what you can use USB for, or sometimes block it completely.

Qualys vs Kenna

Dave Farquhar security August 21, 2019September 5, 2019 0 Comment

Qualys and Kenna’s relationship is complicated. Several years ago the two companies were partners until Qualys tried to clone Kenna. Now, to hear Qualys talk, you don’t need Kenna anymore if you have Qualys. So let’s look into Qualys vs Kenna in regards to that claim.

What a buffer overflow looks like

Dave Farquhar security August 14, 2019July 28, 2019 0 Comment

Once you know what to look for, a buffer overflow is almost as easy to spot as it is to understand. So here’s what a buffer overflow looks like, whether you’re looking at suspicious network traffic or a suspicious file on disk.

A buffer overflow is a long sequence of NOP operations followed by machine code. The long sequence of NOPs is a tell-tale sign, but disassembling the data that follows will verify it–if it doesn’t disassemble to gibberish, you found a buffer overflow.

How does Kenna Security work?

Dave Farquhar security August 12, 2019September 29, 2019 0 Comment

Kenna Security is a vulnerability management tool you may have heard of but never used. I find it exceptionally useful, though that’s not always a universal opinion. So how does Kenna Security work, and how can you make it work better?

Kenna Security is not a vulnerability scanner. It works with your existing scanner to enrich the data and make recommendations. This makes it distinct from a vulnerability scanner like Qualys’ flagship product. Using that enriched data to make decisions is key to success with Kenna.

Making an example of Equifax

Dave Farquhar security July 29, 2019July 29, 2019 0 Comment

Slate’s Josephine Wolff argues that you have a moral imperative to claim $125 from Equifax as part of their breach settlement. Preventing the kinds of things that happened to Equifax is what I’ve done for a living for the bulk of my career. So here’s why I agree with her argument in favor of making an example of Equifax.

Most companies, in my experience, do patch management and vulnerability management on the cheap and write off the consequences as a cost of doing business. The cost of not doing it right needs to be high enough to get them to spend enough on tools and personnel to get the job done. And as the guy who pushed the patches for 9 years and then shifted in 2014 to being the guy who coaches the patch-pushers, I have a pretty good idea what it takes to do the job right.

A+ vs Security+

Dave Farquhar security July 18, 2019July 2, 2019 0 Comment

CompTIA positions A+ as a precursor to Security+, but it’s not necessary to have both certifications. It can be helpful, but whether you need one or both depends on what you want to specialize in. And that’s really what it comes down to in A+ vs Security+: area of specialty.

A+ is a certification that covers computer hardware and operating systems, intended for technicians and system administrators. Security+ is an entry-level security certification, and the overlap between the two may not be obvious.

Why does the government require CISSP or Security+?

Dave Farquhar security July 11, 2019September 5, 2019 0 Comment

Why does the government require CISSP or Security+ for certain jobs? While requiring people to pass a test can cause problems, I’ve seen it solve bigger problems.

Certification tests establish a baseline set of knowledge that a person filling a role has mastered. It provides a standard, repeatable, and objective third-party measure of a person’s qualifications, even if it’s possible to game the system.

Should I install updates on my computer?

Dave Farquhar security June 5, 2019May 18, 2019 0 Comment

I was talking with an insurance adjuster when he asked me what I do for a living. I explained that I help companies make sure they’re doing a good enough job of updating their computers. That visibly disturbed him. “So should I install updates on my computer or not?” he asked.

Security experts agree that installing updates on your computer is one of the top three things, if not the most important thing, you can do to protect your security and privacy. It’s also one of the easiest, and the most practical thing home users can do.