Security

In the realm of threat defense, hindsight is 20/20. That’s because, all too often, it’s difficult to get a clear view of your entire network’s security in real-time. And to accurately predict network threats? Forget about it. But not with Cisco Advanced Malware Protection (AMP). Giving you the visib…

Cloud applications are now commonplace in enterprises. From productivity applications to storage, employees and IT departments are realizing the benefits of offloading documents and data into the cloud. But as data, identities, and applications move to the cloud, security teams must manage the risk…

Fast, good, and cheap. Or: Time, resources and budget. The Project Management Triangle. The Iron Triangle.  The Triple Constraint. There are many names for the program management challenge of balancing three constraints, but it all comes down to this: you can’t have all three. You can do something…

In the recently released Cisco 2018 Annual Cybersecurity Report, 2017 saw growth in malware targeted at ransom or profit motives, but also the destruction of systems and data. Malware continues to get more sophisticated and is now able to elude sophisticated sandboxing environments.  Encryption cont…

Detecting User Interaction Evasion Techniques Malware sometimes checks for user interaction as a form of evasion to avoid being detected by antiviruses and other security software, especially sandbox analysis environments. Threat Grid, Cisco’s advanced sandbox analysis environment, has recently adde…

Investigators given a no-cost Threat Grid account to fight cybercrime I received my first computer forensic training at the Federal Law Enforcement Training Center’s (FLETC) Seized Computer Evidence Recovery Specialist (SCERS) course in Glynco, GA; while a Special Agent for the US Army Criminal Inve…

For years, we’ve been pioneering the use of DNS to enforce security. We recognized that DNS was often a blind spot for organizations and that using DNS to enforce security was both practical and effective. Why? Because DNS isn’t optional. It’s foundational to how the internet works and and is used b…

A deep dive into logging as an often-overlooked but powerful tool for incident detection and response “Lack of instrumentation or insufficient logging” is often a phrase used on incident response reports. During incident response activities, this isn’t a phrase you want to see, since lack of logging…

I like to say that I didn’t really choose a career in cybersecurity – it chose me. The field naturally suits my personality, which has always been safety conscious. My cybersecurity journey began at Georgia Tech Research Institute, where my work exposed me to the challenges of using electronic syste…