Category: Cybersecurity
InformationSecurityAsia2007 – Roundup
InformationSecurityAsia2007 was good, but could have been better. Most of the participants enjoyed the sessions on extrusion detection, in-depth rootkit analysis, and wireless hacking. There were also excellent presentations on the new Thai cybercrime law, which goes into effect next week, as well as very good reports on cybercrime from Thai cybercrime-fighting authorities. [...]
Extrusion Detection is Ripe for CEP
The afternoon sessions of InformationSecurityAsia2007 were exceptional. Dr. Keith White, APAC Security Services Director of Alcatel-Lucent, Australia, described how they partnered with Cloudshield to process security events in a distributed SEM environment. Topics covered included edge processing, content/context-based routing and event processing. After Keith’s excellent presentation I had a chance to speak with him [...]
CEP Opportunities at InformationSecurityAsia2007
Today is the first day here at InformationSecurityAsia2007. Interestingly, we heard from today’s keynote speakers about the emerging market for vulnerability auctions, eBay-like auction houses for buying and selling information security vulnerabilities to the highest bidder. Clearly, experts in Asia are focused on the same topics as experts worldwide. At the first break, I had [...]
InformationSecurityAsia2007 – Bangkok
If you are in Asia-Pacific next month, please drop me a line. I will be attending InformationSecurityAsia2007 in Bangkok, July 10 – 11th. It is possible I will be asked to present on CEP and SEM, if a speaking slot becomes available. Right now I am on the list as a backup! The good news [...]
Security Event Management (SEM) with CEP (Part 6) – Realizing SEM with CEP
In Part 6 in this series, Security Event Management (SEM) with CEP, we look at how CEP can be used to help security experts meet the 5 principles of SEM. In my earlier tutorial series, What is Complex Event Processing?, we reviewed [...]
Security Event Management (SEM) with CEP (Part 5) – SEM Challenges
Security Event Management (SEM) with CEP (Part 5) – SEM Challenges and Shortfalls In Security Event Management (SEM) with CEP (Part 4), we briefly reviewed the 5 functional principles of SEM. Most, if not all, of the current SEM offerings from security vendors today do not meet the core requirements of a robust SEM architecture. [...]
Security Event Management (SEM) with CEP (Part 4) – The 5 Principles of SEM
In Part 2 and Part 3 of Security Event Management (SEM) with CEP, we reviewed trends in cybersecurity and the motivation for SEM and CEP. That introduction leads us to a brief post on the high-level functional requirements of SEM. In [...]
Security Event Management (SEM) with CEP (Part 3) – Trends in Cyberspace
Security Event Management (SEM) with CEP (Part 3) – Trends in Cyber Attacks, Threats and Vulnerabilities Life in our web browser-based world is more dangerous than first meets the eye. I don’t mention this to sound the alarm bells. It is, however, important to understand why organizations need sophisticated event-driven cybertools to catch criminals before [...]
Security Event Management (SEM) with CEP (Part 2) – Trends in Cyberspace
Security Event Management (SEM) with CEP (Part 2) – Trends in Cyber Attacks, Threats and Vulnerabilities It is no secret that cyberspace has become one of the most important areas of our daily lives in the modern world. We bank, buy stocks and purchase goods on the net. We book and pay for travel [...]
Security Event Management (SEM) with CEP (Part 1) – Introduction
Many readers may already know that I have a deep background in network management with an emphasis in computer and network security. My experience in this area, after leading countermeasure efforts for the USAF in the Langley Cyberattack, motivated me to write a CACM paper applying multisensor data fusion techniques to intrusion detection. If you look [...]