Monday

3 New SANS Whitepapers: DLP, Checkpoint firewalls cleanup/tuning and Mobile Device Forensics



The SANS Reading Room has been updated with 3 interesting new papers.

Abstract:

Data breach has been one of the biggest fears that organizations face today. Quite a few organizations have been in the news for information disclosure and a popular recent case is that of T.J.Maxx. While DLP is not a panacea to such attacks, it should certainly be in the arsenal of tools to defend against such risks.

Abstract:

Firewall rulebases tend naturally toward disorder over time, and as the size of the ruleset grows, the performance of the firewall starts to suffer. In this paper, a simple procedure for culling unused rules and ordering the rulebase for performance will be presented. The procedure uses open-source software and purpose-built tools (which will be provided) and has been used to clean up the rulebase of large firewalls at a major financial institution. Anyone interested in improving the performance of their Check Point firewall and/or improving their position come the next audit should read this paper.

Abstract:

The world of mobile device forensics is a complicated one. There are countless manufacturers of mobile devices, unlike the PC world’s limited number of major operating system vendors. To complicate things further, each mobile device manufacturer may have their own proprietary technology and formats. Add to this the fact that new mobile devices such as cellular phones and personal digital assistants (PDAs) are released at a blistering pace and you have a challenging environment to work in.

This research paper will document in detail the methodology used to examine mobile electronic devices for the data critical to security investigations. The methodology encompasses the tools, techniques and procedures needed to gather data from a variety of common devices.
