Hey all,
I've been reading "America the Vulnerable" by Joel Brenner, former IG for NSA and counterintelligence executive for the Director of National Intelligence. It is fascinating, and I encourage everyone working with computers in an enterprise/government organization to read it. At least get through Chapter 3, "Bleeding Wealth". Very sobering. He also provides some good stories regarding those pesky USB thumb drives. If you see one lying around, treat it like a biohazard and stay away from it!
He really hasn't covered anything I hadn't known about, but by compiling it all together, and having that information coming from an authoritative person, I think this book really succeeds.
America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare
Also, if any of you want some more videos on audit trail analysis for your Mac, I've posted some more videos. If you have Audit Explorer 1.0, hopefully version 1.1 should be downloaded automatically.
I haven't put any tutorials on audit filters up yet. Filters are (from my geek technical point of view) the really cool part of 1.1. Hopefully I'll get some tutorials on them done over the next week.
I take some minor jabs at network monitors in general and EINSTEIN 2 in particular in the 2nd and 3rd videos. If any of you work on it or have to use EINSTEIN, hopefully you won't be offended.
Here is the link if you are interested:
Todd
PS. Next week I'll start resurrecting my Windows audit trail analysis code. If anyone is interested in Windows audit trail analysis, let me know.
PPS. If any folks at your work have any "must have" features they want in audit trail analysis, have them send me email.