IT Research
The Payment Card Industry Data Security Standard (PCI DSS) was originally established in 2004 as a standardization of security practices for any organization that handles or uses payment collection via credit cards. This standardization is required by all major credit card carriers and is regulated by the Payment Card Security Standards Council (PCI SSC). This…
In an era plagued by thieves, criminals, and script kiddies, the need for securing information has increased exponentially. The market is teeming with products that are advertised to adequately secure your systems, data stores, sensitive information, etc. independently or in tandem with a bevy of other products. In the modern business world, global, interconnected networks…
This is Part 1 of our “Cloud Security” series, with a goal of setting up a simple passive security monitoring capability in the cloud. Future posts will show how to enable out-of-band management, as well as setting up the monitoring services themselves. Enjoy!
Here at SealingTech we are proud to have a team of engineers who are constantly challenging themselves and each other at work and in their free time! You may recall several other challenges we have blogged about such as Kevin’s work on the IXIA Breaking Point Network Profiles challenge, or Scott and Tony’s solutions for the Cloudshark Halloween PCAP…
TL;DR: During Halloween, a company called Cloudshark released a Packet Capture challenge that involved finding “pumpkins” hidden in packets. Two SealingTech employees, Tony Efantis and Scott Lohin, participated in the challenge and found all five pumpkins. This challenge was a lot of fun, and we thank Cloudshark for creating it for the…
Background: My team at SealingTech was tasked with testing the performance of a router that would be a tunnel endpoint for many different site-to-site VPN connections from various places. We were given requirements that it needed to support thousands of tunnels and VRFs and lots of bandwidth (upwards of 20 Gb/s). We had…
This is Part 2 of the Host Based Risk Scoring series. If you haven’t checked out Part 1, check out the post at Host Based Risk Scoring (Part 1). Please note that information in these articles is taken from my personal ideas and experience. I’d love to hear your comments and thoughts on these concepts.…
Welcome to the Adventures in Suricata series! Over the past couple months I have been exploring Suricata, an open source Intrusion Detection System (IDS), by standing it up in my virtualized ESXi server at home. By sharing my own experiences with you, I hope to overcome the misconception that IDS is only viable for large…
Hey all! This is the first post in a series about the concepts of a Host Based Risk Scoring System. This is an idea I had a few years ago, while doing a lot of testing of McAfee and Symantec host products. The work involved trying to determine how effective the products were against varying…