Cisco has disclosed a critical CVSS 10 vulnerability in ASA that can allow an uncredentialled user to take over the vulnerable device and change access rules. RedSeal has published a custom best practice check for customers to detect vulnerable devices that have the offending service (WebVPN) enabled.
Over the last few decades, many network security architecture products have come to market, all with useful features to help secure networks. If we assume that all of these security products are deployed in operational networks, why do we still see so many leaks and breaches?
Some say the users are not leveraging the full capabilities […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Wayne Lloyd, Federal CTO, RedSealhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngWayne Lloyd, Federal CTO, RedSeal2017-12-21 05:00:302018-06-11 11:56:20Network Segmentation, Security and RedSeal
Recently RedSeal hosted its annual Federal Customer Forum. One of the panels featured a discussion with several luminaries in the federal government cybersecurity ecosystem. The topic: the importance of the integration and automation of cybersecurity operations.
Those present were:
Wayne Lloyd, RedSeal (Moderator) Kevin Phan, Splunk Tim Jones, ForeScout Wade Woolwine, Rapid7 John America, Mystek […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00RedSealhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngRedSeal2017-12-18 05:00:492018-06-11 14:04:39Leading Federal Cybersecurity Experts Agree: Federal Agencies Need Integrated and Automated Approach
Watch Video: RedSeal and Hidden Cobra Overview, Use Cases and Demo
Introduction
On November 17th, the United States Computer Emergency Ready Team (US-CERT), in conjunction with the FBI, released a pair of advisories about the North Korean hacking and espionage campaign code named HIDDEN COBRA. The latest advisories describe two pieces of […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Emil Kiner, Sr. Product Managerhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngEmil Kiner, Sr. Product Manager2017-11-22 13:59:182018-06-11 10:11:51Being Digitally Resilient in the Face of HIDDEN COBRA
The Uber hack is a public lesson that a breach may be bad, but a cover-up is worse. (See Nixon, Richard.) It was a foolish mistake to try to hide an attack of this scale, but then, the history of security is a process where we all slowly learn from foolish mistakes. We live in […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Dr. Mike Lloyd, CTO, RedSealhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngDr. Mike Lloyd, CTO, RedSeal2017-11-22 11:20:402018-08-14 08:56:53Uber Hack: A Bad Breach, But A Worse Cover-Up
This month it is Equifax. Previously it was Yahoo and before that Target. Each new breach seems to set a new record of how many pieces of personal identifiable information have been compromised. It is easy to get inured to these news stories, especially since the media generally does not deduce […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Guest bloggerhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngGuest blogger2017-10-03 05:00:262018-06-11 10:37:36What Equifax Tells Us About Cybersecurity
What is data worth? On the surface, it is just a bunch of 1s and 0s on a hard drive. Most users don’t think about or even fully understand data. Their cell phones work, email is at their fingertips, and a friend is just a video chat away. But, enormous companies are built using […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Nate L. Cashhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngNate L. Cash2017-09-12 05:00:172018-06-11 10:42:25Protecting PHI, Challenges and Solutions for Healthcare
I just came across a WSJ Pro article titled “Inside the NSA: Companies Need to Follow the Basics,” and figured I could offer an “amen.” The NSA gets points for seeing things clearly – but then, I suppose that is their job, whether we like it or not! The area they discuss isn’t easy to write […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Dr. Mike Lloyd, CTO, RedSealhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngDr. Mike Lloyd, CTO, RedSeal2017-09-05 05:00:132018-08-14 08:57:00Keep Up with the Basics
In the warmer months when I’m not traveling I often get up early and wander my property pulling and spraying weeds. This is an endless and thankless task, yet a necessary evil to preserve my investment and maintain appearances. I am amazed how quickly weeds grow and by the places they find purchase. In […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Jeff Greenehttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngJeff Greene2017-08-24 05:00:092018-06-11 10:10:24Vulnerabilities: The Weeds of Your Digital Terrain
At the recent Black Hat USA conference, CIO asked 250 self-identified hackers for their opinion on security solutions. The answers are a good indicator for what works to protect your organization. Of all the technologies out there, the responders identified multi-factor authentication and high-level encryption as the two that are hardest to get past […]
https://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.png00Nate L. Cashhttps://www.redseal.net/wp-content/uploads/2016/08/RedSeal-logo.pngNate L. Cash2017-08-18 05:00:182018-06-11 11:54:32Advice from Hackers at Black Hat
Finding Devices Vulnerable and Exposed to CVE-2018-0101 with RedSeal
/in Blog /by Emil Kiner, Sr. Product ManagerSummary
Cisco has disclosed a critical CVSS 10 vulnerability in ASA that can allow an uncredentialled user to take over the vulnerable device and change access rules. RedSeal has published a custom best practice check for customers to detect vulnerable devices that have the offending service (WebVPN) enabled.
Quick Links:
RedSeal Custom Best Practice Check […]
Network Segmentation, Security and RedSeal
/in Blog /by Wayne Lloyd, Federal CTO, RedSealOver the last few decades, many network security architecture products have come to market, all with useful features to help secure networks. If we assume that all of these security products are deployed in operational networks, why do we still see so many leaks and breaches?
Some say the users are not leveraging the full capabilities […]
Leading Federal Cybersecurity Experts Agree: Federal Agencies Need Integrated and Automated Approach
/in Blog /by RedSealRecently RedSeal hosted its annual Federal Customer Forum. One of the panels featured a discussion with several luminaries in the federal government cybersecurity ecosystem. The topic: the importance of the integration and automation of cybersecurity operations.
Those present were:
Wayne Lloyd, RedSeal (Moderator) Kevin Phan, Splunk Tim Jones, ForeScout Wade Woolwine, Rapid7 John America, Mystek […]
Being Digitally Resilient in the Face of HIDDEN COBRA
/in Blog /by Emil Kiner, Sr. Product ManagerWatch Video: RedSeal and Hidden Cobra Overview, Use Cases and Demo
Introduction
On November 17th, the United States Computer Emergency Ready Team (US-CERT), in conjunction with the FBI, released a pair of advisories about the North Korean hacking and espionage campaign code named HIDDEN COBRA. The latest advisories describe two pieces of […]
Uber Hack: A Bad Breach, But A Worse Cover-Up
/in Blog /by Dr. Mike Lloyd, CTO, RedSealThe Uber hack is a public lesson that a breach may be bad, but a cover-up is worse. (See Nixon, Richard.) It was a foolish mistake to try to hide an attack of this scale, but then, the history of security is a process where we all slowly learn from foolish mistakes. We live in […]
What Equifax Tells Us About Cybersecurity
/in Blog /by Guest bloggerBy Richard A. Clarke
This month it is Equifax. Previously it was Yahoo and before that Target. Each new breach seems to set a new record of how many pieces of personal identifiable information have been compromised. It is easy to get inured to these news stories, especially since the media generally does not deduce […]
Protecting PHI, Challenges and Solutions for Healthcare
/in Blog /by Nate L. CashWhat is data worth? On the surface, it is just a bunch of 1s and 0s on a hard drive. Most users don’t think about or even fully understand data. Their cell phones work, email is at their fingertips, and a friend is just a video chat away. But, enormous companies are built using […]
Keep Up with the Basics
/in Blog /by Dr. Mike Lloyd, CTO, RedSealI just came across a WSJ Pro article titled “Inside the NSA: Companies Need to Follow the Basics,” and figured I could offer an “amen.” The NSA gets points for seeing things clearly – but then, I suppose that is their job, whether we like it or not! The area they discuss isn’t easy to write […]
Vulnerabilities: The Weeds of Your Digital Terrain
/in Blog /by Jeff GreeneIn the warmer months when I’m not traveling I often get up early and wander my property pulling and spraying weeds. This is an endless and thankless task, yet a necessary evil to preserve my investment and maintain appearances. I am amazed how quickly weeds grow and by the places they find purchase. In […]
Advice from Hackers at Black Hat
/in Blog /by Nate L. CashAt the recent Black Hat USA conference, CIO asked 250 self-identified hackers for their opinion on security solutions. The answers are a good indicator for what works to protect your organization. Of all the technologies out there, the responders identified multi-factor authentication and high-level encryption as the two that are hardest to get past […]