Managing IDS/IPS signatures can be a difficult task. Even with trained security professionals who are knowledgeable about their organization’s normal traffic pattern, most organizations configurations are continuously changing. New services and machines are put into place, creating new traffic patterns. While network IDS/IPS serve the function of finding evidence of nefarious activities, at large organization [...]
Category Archive for 'Snort'
TOTEM: Threat Observation, Tracking, and Evaluation Model
Posted in ANL Federated Model, Bro, CAMNEP, CPP, Defense in Depth, IDS, Reputation, Risk, SlideCasting, SlideShare, Snort, TVA, Trust Management, Visualization, Vulnerability on Jun 6th, 2009
This week I had the pleasure of presenting two talks at the National Laboratories Information Technology (NLIT) 2009 Summit held in Oak Ridge, TN. Everyone involved was great and I had a fun time. Since the presentations have been posted to the NLIT site, I am free to post now.
The original [...]
The folks at Sourcefire have been working hard at creating the next generation of Snort. Martin Roesch, captain of the brave development team, is boldly taking Snort where no pig has gone before. Cyberspace, the final frontier. Seriously, the core framework for Snort is being rewritten from the ground up. With [...]
-
Recent Posts
- OMB Says Bring on the Clouds: Frightening or Funny?
- Suricata: A Next Generation IDS/IPS Engine
- Movement on the US Cyber Command
- Soon-To-Be Classic: A Geek Christmas Story
- Santa’s Secrets Leaked
- Learning from the Drone Hacking Case
- Security Visualization: FODAVA
- Remembering 9/11: The Personal Side
- Learning By Doing: Challenges, Data Sets, and Practice Sites
- What’s in Your Folder: Security Cheat Sheets
Archive
Categories
-
Magazines
Recent Podcasts
- 2009-06-16: The Upside and Downside of Security in the Cloud
- 2009-06-23: Rich Mogull on Patch Management
- 2009-06-25: Rob England: Owning ITIL
- 2009-06-26: A Blueprint for Stepping into The Innovation Zone
- 2009-06-29: The Cybersecurity Challenge
- 2009-07-07: Rethinking Risk Management
- 2009-07-14: Cybsersecurity, Cyberdefense and Cyberwarfare
- 2009-07-14: ITIL, CMDB, and ITSM with The IT Skeptic, Rob England
- 2009-07-22: The O'Reilly Radar
- 2009-07-28: Analyzing Internet Traffic
- 2009-07-30: Amichai Shulman
- 2009-07-30: PCI Wireless
- 2009-08-04: Anton Chuvakin, Ph.D
- 2009-08-05: Aneesh Chopra, CTO of the United States
- 2009-08-07: Black Hat, Defcon, Hackers for Charity and More
- 2009-08-10: Microsoft's Embrace of Interoperability
- 2009-08-13: FIRST Podcast: Davidoff and Ham
- 2009-08-18: Mitigating Insider Threat: New and Improved Practices
- 2009-08-19: Expanding the Use of Web 2.0 Technologies to Drive Business Value
- 2009-08-28: Who put that private cloud in my public cloud?
- 2009-08-31: FLOSS Weekly
- 2009-08-31: Ron Gula on PCI DSS compliance
- 2009-08024: Web App Security in the Cloud with Customer
- 2009-09-01: Into the Breach
- 2009-09-01: The Cloud, is it ready and secure
- 2009-09-08: Marcus Ranum on Zero Day Exploits: Defending Your Network
- 2009-09-16: Jericho Forum and Security in the Cloud
- 2009-10-01: Disruptive Innovation and Cloud Security
- 2009-10-23: 'Dangers' of cloud computing
- 2009-10-23: Dangers of Cloud Computing
- 2009-12-22: Howard Schmidt on the Cybersecurity Czar
- 2010-01-06: Open Source SOA
Recent Presentations
- 2009-03-17: A Virtualization & Cloud Computing Fable
- 2009-06-11:Forensic/IR Summit 2008 Archive Presentations
- 2009-06-15: HotCloud 09
- 2009-06-24: Axiis Core Functionality Video Tutorial
- 2009-07-30: Black Hat USA 2009 Conference
- 2009-08-01: Mo' Money Mo' Problems
- 2009-08-02: CSRF: Yeah, It Still Works
- 2009-08-04: Death of Anonymous Travel
- 2009-08-07: Security Content Automation Protocol and Web Application Security
- 2009-08-10: The COBIT Body of Knowledge – a Layman's View
- 2009-08-14: Back of the Napkin
- 2009-09-01: Weaponizing the Web
- 2009-09-04: The Future of the Security Industry
- 2009-09-05: Johnny Long's talk at DefCon 17
- 2009-09-08: What Would Google Do?
- 2009-09-10: Gov 2.0 Summit
- 2009-09-10: Gov 2.0 Summit Events
- 2010-01-07: Vulnerability Management Scoring Systems
Selected Papers
Standard Sites
Meta
-
