5 min
Komand
How to Send Bro Event Data to Komand
Our integrations team recently attended BroCon
[https://www.bro.org/community/brocon2017.html] at the National Center for
Supercomputing Applications [http://www.ncsa.illinois.edu/] in Urbana, IL. BroCon
is an annual network security monitoring conference for users and developers of
the Bro [https://www.bro.org/] network security monitoring platform. They got
excited about the interesting research going on, and set out to whip up a new
proof of concept integration to help fellow Bro users utilize Koma
5 min
Komand
How Security Teams Can Learn to Advocate for Resources
It’s no secret that security teams today are severely resource-constrained
[/2016/08/30/5-reasons-companies-are-losing-security-talent-and-what-to-do/] and
busier than ever. As your days get longer, the work becomes more complex, and
you begin to burn out, you need to be able to advocate for more resources —
whether that be for new hires
[/2016/09/07/how-to-hire-a-strong-and-effective-security-team-free-ebook/], more
tools
[/2016/08/10/a-framework-for-selecting-and-implementing-security-tools-
23 min
Komand
An Interview with Rebekah Brown, Co-Author of Intelligence-Driven Incident Response
We recently interviewed Rebekah Brown for our Defender Spotlight series
[/2017/08/09/defender-spotlight-rebekah-brown-rapid7/] on the topic of her life
as a cybersecurity defender. When we spoke with her, she also talked in-depth
about how threat intelligence can inform and improve the incident response
lifecycle.
Rebekah practices these concepts in her day-to-day life as a defender, and she’s
even co-authored a book on this very topic called Intelligence-Driven Incident
Response [http://shop.o
3 min
Automation and Orchestration
RSA (Rivest, Shamir and Adleman)
Synopsis
Rivest, Shamir & Adleman (RSA) is a public-key cryptosystem used to secure
data transmission. The letters “RSA” are the initials of the inventors of the
system. Four steps are incorporated in this algorithm:
Encryption, Decryption, Key Distribution and Key Generation. After the
development of public-key cryptography, the most famous cryptosystem in the
world is RSA. In order to maintain proper security, the decryption exponent of
RSA must be greater than cer
3 min
Automation and Orchestration
What is Data Encryption Standard (DES)?
Synopsis
Data Encryption Standard (DES) is a symmetric-key method of encrypting data.
It was prepared by an IBM team in 1974 and declared a national
standard in 1977. Government was also using cryptography, especially in
diplomatic and military communication. Without cryptography it’s difficult to
interpret military communication. Cryptography was also used in the commercial
sector. Federal Information Processing Standard (FIPS) was also working on DES.
FIPS was integrated with comput
4 min
Komand
How to Use Your Threat Model as a Guidepost for Security
The threats you face are unique to your company's size, industry, customer base,
and many other factors. So your approach to protecting your
organization's digital data should be unique, too.
In this post, we’ll cover a framework to develop an effective threat model that
fits your organization's unique needs.
The Factors that Determine Your Unique Threat Model
There are many factors that can determine your threat model. And while this will
vary from company to company, we've identified th
7 min
Komand
Defender Spotlight: Rebekah Brown, Threat Intelligence Lead at Rapid7
Welcome to Defender Spotlight! In this blog series, we interview cybersecurity
defenders of all varieties about their experience working in security
operations.
Editor's Note: When we originally approached Rebekah for the Defender Spotlight
series, Komand and Rapid7 had not yet discussed acquisition. Some time after the
interview, it became clear that Komand would be joining the Rapid7 family. The
timing of the DS interview with Rebekah was purely coincidental, but a delight
nonetheless. :-)
I
3 min
Automation and Orchestration
Exploring SHA-1 (Secure Hash Algorithm)
Synopsis
In computer cryptography, a popular message compression standard known as
Secure Hash Algorithm (SHA) is used. Its enhanced version is called SHA-1. It has the
ability to compress a fairly lengthy message and create a short message abstract
in response. The algorithm can be used alongside various protocols to ensure
security of the applied algorithm, particularly for Digital Signature Standard
(DSS). The algorithm offers five separate hash functions which were created by
National Sec
3 min
Automation and Orchestration
Triple DES, 3-DES Network Encryptor
Synopsis
Triple Data Encryption Algorithm (3DES) is an advancement of the popular DES
standard. 3DES utilizes a symmetric-key block cipher. Using three unrelated
64-bit keys, 3DES was created to encrypt 64-bit blocks of data. In a DES block,
each key is utilized as an input. Without creating an entire new cryptosystem,
3DES can highlight the apparent defect in DES. By applying the algorithm
three times in succession with three different keys, 3-DES simply enhances the key
size of DES. As DES
2 min
Komand
The Future of Komand is Bright
When Komand was founded, we had a simple vision: make cybersecurity better for
everyone, together as a community. It’s a grand statement, but in order to
achieve big, you have to dream big. And so we dreamt big with Komand.
To help security teams get ahead, we built a security orchestration and
automation platform so teams can connect their disparate systems and automate
the often tedious tasks holding them back. But we didn’t just want to build
another tool or platform. That’s not what stresse
4 min
Komand
Balancing Human and Machine Input in Information Security
Humans have feared the takeover of machines
[https://techcrunch.com/2016/12/03/robots-jobs-and-the-human-fear-of-change/]
since the early days of the personal computer. But if anything, machines
(namely, security tools) have made us more powerful, more effective, and more
connected. While they eliminate many manual, human tasks, this can actually be a
good thing.
An article published by Deloitte
[https://www.theguardian.com/business/2015/aug/17/technology-created-more-jobs-than-destroyed-140-y
3 min
Automation and Orchestration
Understanding Dynamic Multipoint Virtual Private Network (DMVPN)
Dynamic Multipoint Virtual Private Network (DMVPN) is a solution that enables data to be transferred from one site to another without a traffic verification process.
4 min
Automation and Orchestration
Information Security Risk Management Cycle - Overview
Synopsis
Information security risk management
[https://www.rapid7.com/fundamentals/information-security-risk-management/] is a
wide topic, with many notions, processes, and technologies that are often
confused with each other.
In this series of articles, I explain notions and describe processes related to
risk management. I also review NIST and ISO standards related to information
security risk management.
In the previous article
[/2017/06/24/information-security-risk-management-introduction/],
3 min
Automation and Orchestration
Getting Started with Group Encrypted Transport Virtual Private Network (GETVPN)
Synopsis
The Group Encrypted Transport Virtual Private Network (GETVPN) solution
incorporates innovative technologies that harness the power of the
underlying Multi Protocol Label Switching (MPLS) / shared IP networks. It introduces
the idea of a trusted group to remove the integration of overlay routing and
point-to-point tunnels. Traffic that was encrypted by one group member can be
decrypted by other group members.
Introduction
In GET VPN mutual security association is shared among all
3 min
Automation and Orchestration
How to Install and Configure AIDE on Ubuntu Linux
Synopsis
AIDE, also known as Advanced Intrusion Detection Environment, is an open source
host-based file and directory integrity checker. It is a replacement for the
well-known Tripwire integrity checker that can be used to monitor a filesystem for
unauthorized changes. It is very useful when someone places a backdoor on your
website and makes changes that may take your system down completely. AIDE
creates a database from your filesystem and stores various file attributes like
permissions, inode nu