IT Research

Understanding PCI DSS and the Importance of Compliance

August 21, 2019

The Payment Card Industry Data Security Standard (PCI DSS) was originally established in 2004 as a standardization of security practices for any organization that handles or uses payment collection via credit cards. This standardization is required by all major credit card carriers and is regulated by the Payment Card Security Standards Council (PCI SSC). This…

Defensive Cyber Operations: Ground Zeroes

August 10, 2019

In an era plagued by thieves, criminals, and script kiddies, the need for securing information has increased exponentially. The market is teeming with products that are advertised to adequately secure your systems, data stores, sensitive information, etc. independently or in tandem with a bevy of other products. In the modern business world, global, interconnected networks…

Cloud Security (Part 1): Passive Security Monitoring in RackSpace

March 9, 2019

This is Part 1 of our “Cloud Security” series, with a goal of setting up a simple passive security monitoring capability in the cloud. Future posts will show how to enable out-of-band management, as well as setting up the monitoring services themselves. Enjoy!

SANS 2018 Holiday Hack Challenge

February 21, 2019

Here at SealingTech we are proud to have a team of engineers who are constantly challenging themselves and each other at work and in their free time! You may recall several other challenges we have blogged about such as Kevin’s work on the IXIA Breaking Point Network Profiles challenge, or Scott and Tony’s solutions for the Cloudshark Halloween PCAP…

Trick or Treat: Halloween PCAP Challenge from Cloudshark

November 14, 2018

TL;DR During Halloween, a company called Cloudshark released a Packet Capture challenge that involved finding “pumpkins” hidden in packets. Two SealingTech employees, Tony Efantis and Scott Lohin, participated in the challenge and found all five pumpkins. This challenge was a lot of fun, and we thank Cloudshark for creating it for the…

How to Script Large Ixia Breaking Point Network Profiles

August 3, 2018

Background: My team at SealingTech was tasked with testing the performance of a router that would be a tunnel endpoint for many different Site-to-Site VPN connections from various places. We were given requirements that it needed to support thousands of tunnels and VRFs and lots of bandwidth (upwards of 20 Gb/s). We had…

SR-IOV and Promiscuous Mode

July 30, 2018

For the past year, SealingTech’s Innovation Team has been working on an open source side-project called Expandable Defensive Cyber Operations Platform (EDCOP), with the goal of building a highly scalable containerized network security platform. I always tell people that if they want to try it on hardware, they need to get an Intel X710 or…

Host Based Risk Scoring (Part 2): Calculating the Vulnerability Level of a System

June 16, 2018

This is Part 2 of the Host Based Risk Scoring series. If you haven’t read Part 1 yet, check out the post at Host Based Risk Scoring (Part 1). Please note that the information in these articles is taken from my personal ideas and experience. I’d love to hear your comments and thoughts on these concepts.…

Adventures in Suricata (Part 1): Low Cost Intrusion Detection System

May 9, 2018

Welcome to the Adventures in Suricata series! Over the past couple months I have been exploring Suricata, an open source Intrusion Detection System (IDS), by standing it up in my virtualized ESXi server at home. By sharing my own experiences with you, I hope to overcome the misconception that IDS is only viable for large…

Host Based Risk Scoring (Part 1): How do you calculate Risk?

March 9, 2018

Hey all! This is the first post in a series about the concepts of a Host Based Risk Scoring System. This is an idea I had a few years ago, while doing a lot of testing of McAfee and Symantec host products. The work involved trying to determine how effective the products were against varying…