For years security folks have been frustrated when trying to show real revenue impact for security. We used the TJX branding issue for years, but it didn’t really impact their stock or business much at all. Heartland Payment Systems is probably stronger now because of their breach. You can check out all the breach databases, and it’s hard to see how security has really impacted businesses. Is it a pain in the butt? Absolutely. Does cleanup cost money? That’s clear.
It is starting to feel like summer. Both because the weather is getting warmer and because most of the Securosis team has been taking family time this week. I will keep the summary short – we have not been doing much writing and research this week.
It is time to return to our Network-based Malware Detection (NBMD) 2.0 series. We have already covered how the attack space has changed over the past 18 months and how you can detect malware on the network. Let’s turn our attention to another challenge for this quickly evolving technology: scalability.
Joining the strong(er) authentication craze (which we enthusiastically support), along with recent entrants Twitter and Amazon Web Services, Evernote is now including two-factor authentication and access logging for its business edition. Two steps in the right direction for security.
For this series focused on Quick Wins with Website Protection Services, the key is getting your sites protected quickly without breaking too much application functionality. Your public website is highly visible to both customers and staff. Most such public sites capture private information, so site integrity is important. Lastly, your organization spends a ton of money getting the latest and greatest functionality on the site, so they don’t take kindly to being told their shiny objects aren’t…
This month Google announced a new five year plan for identity management, an update from 2008’s five year plan. Their look backward is as interesting as the revised roadmap. Google recognized their 2-factor auth was more like one-time 2-factor, and that the model has been largely abused in practice. They also concluded that risk-based authentication has worked. A risk-based approach means more sensitive or unusual operations, such as credential changes and connections from unusual locations,…

Check out this great secure browser guide from the folks at Stach and Liu. The blog post is OK, but the PDF guide is comprehensive and awesome. Here is the intro:
In the introductory post in the Quick Wins with Website Protection Services series, we described the key attack vectors that usually result in pwnage of your site and possibly data theft, or an availability issue with your site falling down and not being able to get back up. Since this series is all about Quick Wins, we aren’t going to belabor the build-up; rather, let’s jump right in and talk about how to address these issues.
This time of year neighborhoods are overrun with “Graduation 2013” signs. The banners hang at the entrance of every subdivision congratulating this year’s high school graduates. It’s a major milestone and they should celebrate. Three kids on our street are graduating, and two are youngests. So we will have a few empty nests on our street.
In the first post updating our research on Network-based Malware Detection, we talked about how attackers have evolved their tactics, even over the last 18 months, to defeat emerging controls like sandboxing and command & control (C&C) network analysis. As attackers get more sophisticated, defenses need to as well. So we are focusing this series on tracking the evolution of malware detection capabilities and addressing issues with early NBMD offerings – including scaling, accuracy, and…