Breaches Are Inevitable, Or Are They? [securitytheater.phoneboy.com]
From Palo Alto CEO: Beware the Internet of Things – and watch your car: That’s sort of the equivalent.” We can argue whether or not breaches are inevitable all day long.
Lies, Damn Lies, and Inspecting SSH Traffic Securely [securitytheater.phoneboy.com]
SSH is a wonderful tool for accessing remote systems via a CLI. If you’re so inclined, you can even use an SSH tunnel as a SOCKS proxy. And therein lies the problem. Why is that an issue? Disclaimer:
The Right Way To Inspect SSH Connections [securitytheater.phoneboy.com]
When talking with Check Point customers, a common request I hear is for the ability to “decrypt” SSH traffic, see inside of said traffic, and make security decisions based on what it finds, including…
All The Security Tools In The World Won't Help If You Don't Do This [securitytheater.phoneboy.com]
In my travels as a Security Architect for Check Point Software Technologies, I have seen many different customer environments. And I’ve got a good sense for why. What is this thing? Discl…
Well then, it appears fixing my RSS feed kicked PourOver into action. Apologies for the vomit.
There's a Nintendo Wii-U Sized Hole In My Firewall [securitytheater.phoneboy.com]
In order to allow your Nintendo Wii-U to participate in multiplayer online games, you have to configure your router/firewall/whatever in one of three ways per Nintendo: Edited to add on 10 Aug 2015:
Why SSL Decryption Is Important [securitytheater.phoneboy.com]
From Exclusive: The OPM breach details you haven’t seen: OPM then notified DHS’ U.S. Computer Emergency Readiness Team, and a forensic investigation began. SSL/TLS traffic is pretty common.
Bringing Order To The Chaos Of Information Security [securitytheater.phoneboy.com]
It’s very easy to get discouraged in the information security business. When these threats are exploited–it’s no longer a question of if–data and reputation loss are likely results. Where are they?
Shouldn't a Security Gateway Be Secure By Default? [securitytheater.phoneboy.com]
From Palo Alto Networks: Best Practices for Securing Your Network from Layer 4 and Layer 7 Evasions: Block all unknown applications/traffic using security policy. My guess: probably not. Disclaimer:
The Start of my Information Security Career 20 Years Ago [securitytheater.phoneboy.com]
Update: For those who like to listen to audio instead of read, I recorded a version of this story in podcast form. Back then there was just the guys who ran the servers. Qualix Group. The bottom lin…