From the Desk of the CEO – 2014 Predictions

Published on January 22, 2014

    January 2014 Issue The Year of Security Analytics From the Desk of the CEO 2013 Reflections and 2014 Predictions on the field of Security Analytics and Intelligence Dear Colleagues, 2013 was a watershed year for Securonix and the field of security analytics. Since getting started in this emerging...

Authentication Against Active Directory

Published on September 16, 2013

Securonix has the ability to authenticate against a single domain. The authentication configuration are to be made to the file available in the securonix_home/conf directory. The securonix system currently authenticates against a single domain and does not support authentication against multiple domains. Make the following changes to the

What you don’t know can most definitely hurt you

Published on September 13, 2013

It’s always something. You might run a careful, security conscious shop. Your IT group might be completely onboard, keeping their patches current and using best practices for provisioning accounts and supporting mobile devices.  And you pay attention - you think about lost or stolen laptops, vulnerable IP Cameras and SSH key...

Using Securonix for Directory-Based Service Account Monitoring

Published on August 23, 2013

I was recently working with one of our customers, a very large health care services and administration company, to implement the Securonix solution to solve a different kind of enterprise network security problem.  Both the information security team and the network administration people were struggling with managing and monitoring accounts...

Security Intelligence - But What Does It DO?

Published on August 22, 2013

It seems like everybody’s talking about security intelligence these days.  Of course, what people mean when they use the term can vary widely depending upon what they’re selling, but the primary purpose remains the same.  Some kind of machine intelligence that can detect successful cyber attacks, information theft, fraud and...

"The Snowden Case", Lies and Marketing Communications on Insiders

Published on July 12, 2013

One of the more interesting outgrowths of the recent revelations around NSA cyber-surveillance practices is the sudden declaration from all manner of information security vendors that their product or service could have “prevented Snowden”.  Now these claims are being met with a great deal of skepticism in the security community,...

Voluntary Self-Hackery -- The Blunt Truth about BYOD

Published on July 1, 2013

In a sense, the entire discussion around BYOD processes in the enterprise is moot.  Everyone has a smart phone.  Many have found they prefer a tablet to a PC, and will bring their tablet to work.  These devices connect seamlessly to the network through WiFi, and very quickly become a...

Information Security - Always Behind the Technology Curve

Published on June 28, 2013

In today’s hyper competitive business environment, it is no longer sufficient to compete on price and quality alone.  Just as InfoSec workers can be thought of as being in a war with those that would use unauthorized or fraudulent access to data and systems to enrich themselves or their employers,...

Removable Storage and the Temporal Value of Data

Published on June 20, 2013

There are a lot of ways for determined insiders to exfiltrate appropriated documents and data but by far the preferred method is good old tried and true removable media.  Edward Snowden was a SysAdmin, so in spite of a general policy against USB flash drives, he was completely comfortable making...

Security Intelligence and the Rise of the Unknown Vulnerability

Published on June 17, 2013

We spend a great deal of time talking about how to secure the Enterprise Compute and Communication environment. We talk about insider and external threats, malware, applications and risks. We talk about the importance of prevention and the necessity of real time detection. We talk about collecting and analyzing network,...

Security Intelligence - Think Outside the Logs

Published on June 12, 2013

We often consider our security posture and architecture with an eye to the threat environment. We look outside, and try to determine what we are defending against. Even in the case of insider threats, we are often trying to develop the defenses in terms of the attack vectors, vulnerabilities and...