Cyber Technology

Highspeed Threat and Geographic Filtering with Threat Intelligence Gateways – an interview with Bandura Cyber CSO, Todd Weller

Bandura Cyber solves a variety of network security use cases for customers seeking to deploy a threat intelligence gateway. First, it can protect them by filtering 100% of all available hostile threat intelligence. I’ve found that large enterprises don’t deploy all of their threat intelligence to their firewalls because of performance impact and small businesses don’t buy threat feeds or know how to make use of them. Second, it can prevent and report traffic to or from countries, including hostile countries and countries with which there is no business reason to communicate. For example, Bandura Cyber offers a very low-cost solution, deployable to election infrastructure by entry-level IT staff, that can block all traffic communication with Russia. And third, it can act as a control plane for orchestration products or managed detection and response firms that don’t have permission to modify firewall configurations. In this blog post, I asked Bandura Cyber Chief Strategy Officer, Todd Weller, for an overview of the Threat Intelligence Gateway industry and more information about Bandura Cyber. Bandura Cyber is a Gula Tech Adventures portfolio company.
Read More…

Remembering all of my LinkedIn connections with Polarity

Like many of us in the cyber industry, we leverage LinkedIn to maintain our contacts and track people we’ve worked with. One of the most useful things I’ve done with my LinkedIn contacts was to import them into Polarity. Now, when I read the news, look at conference speakers, participate in industry Slack channels, or even scan a list of investors or board members for a company I am researching, Polarity highlights who I “know” from LinkedIn. This makes my time more productive and my connections and time spent previously with contacts much more meaningful. In this blog post, I will show some examples of what this integration looks like and how to export, clean and import the data into Polarity.
Read More…

Have Meltdown or Spectre made you change ANY of your cyber security strategies?

Both of these vulnerabilities have been upon us for just under a week now and yet I’ve only really heard cyber hygiene (patch your systems and monitor for trouble) discussed as viable approaches to this problem. Cyber hygiene is indeed very important, but there are many strategic and tactical issues that should be on the table for discussion in response to these vulnerabilities — and vulnerabilities like them we will face in the future. In this blog, I will look at this from a cyber practitioner’s point of view and recommend some strategies you’ve looked at in the past but perhaps your organization hasn’t adopted yet.

Read More…

ABS, SDS & TIG — Three New Cyber Emerging Market Categories You Should Know



The cyber industry continues to innovate and offer new ways to help organizations stay secure and compliant. Over the past few months I’ve observed analyst, media and pundit coverage of three new cyber product categories — software defined segmentation, threat intelligence gateways and automated breach simulation. All three offer many new ways to increase the effectiveness and efficiency of your security programs. I will discuss each briefly and reference relevant Gula Tech Adventures portfolio companies in these new categories.
Read More…

How do you monitor “East — West” Network Traffic?

If your organization does not have a strategy for monitoring network communications between each of the network nodes, you are potentially missing a wide variety of malicious lateral movement and not collecting forensics which could be analyzed after an attack. In this post I will examine what east-west traffic monitoring means and how various organizations are dealing with this problem.
Read More…

What is your reason for not patching MS17–010 — the main vulnerability behind WannaCry?

On April 14, 2017, Shadow Brokers released information about an exploit tool written by the NSA called Eternal Blue. This tool exploited a zero day in Microsoft Windows covered by their MS17–010 update. The patch preceded the disclosure as Microsoft issued MS17–010 on March 14, 2017. The WannaCry worm first got heavily noticed on Friday, May 12, 2017.
Read More…

Patching Systems with AutoMox

I’ve heard almost every excuse there is for not patching a system. While at Tenable Network Security, I got to focus on helping organizations identify their biggest cyber risks which usually meant patching vulnerabilities.
Read More…

RSA 2017 Vendor Vocabulary — “Agent-less” Solutions and “Machine Learning”


As we prepare to descend on San Francisco for the 2017 RSA conference, I wanted to take a moment and write a bit about two terms cyber security vendors are using and the types of questions you should ask as a potential buyer, investor, partner or acquirer of these solutions. These terms are “Agent-less” and “Machine Learning”.
Read More…