Posts tagged Komand

3 min Automation and Orchestration

Do You Need Coding Resources on Your Security Team?

Often when security teams think about security automation [http://4hko.drordi.com/fundamentals/security-automation/], they worry they don’t have the coding capabilities needed to create, implement, and maintain it. Pulling development resources from the IT team or engineering department can take time; backlogs are long, and revenue-generating projects tend to take priority. Another option is to hire an IT consultant, but this can be pricey and may not be sustainable long-term. Instead, some sec

4 min Automation and Orchestration

How Security Orchestration and Automation Will Unite Infosec

After working in the security industry for 15 years, one of the consistent themes I’ve observed is how teams struggle with balancing the increasing amount of work they have to do, without an increase in resources to accomplish their goals. But there’s another, less obvious problem that I like to refer to as a different kind of SaaS: “security as a silo.” It should be no surprise that large organizations frequently struggle with silos that create friction and miscommunication—barriers that get i

4 min Automation and Orchestration

How to Securely Handle a Lost or Stolen Device: A Practical Workflow

It’s 10pm and you receive an email from a teammate that their laptop was stolen at a local networking event. You learn that not only was their computer unlocked, but they were logged into their company email and Salesforce accounts at the time the device was stolen. Devices like laptops and phones hold a lot more value than the technology itself. Everything from customer data to company files and account logins are stored and easily accessible on these devices, making them easy targets for data

4 min Automation and Orchestration

Security Career Paths: Common and Unique Roles

Security is one of the most in-demand roles today. According to recent numbers [http://www.csoonline.com/article/2953258/it-careers/cybersecurity-job-market-figures-2015-to-2019-indicate-severe-workforce-shortage.html] , the demand for security workers is expected to grow to 6 million worldwide by 2019. So how do you get into or grow your career in security? What makes security so interesting is the many directions you can take — traditional or not. This post will walk you through how to build

2 min Automation and Orchestration

Why Security Teams Should Embrace (Not Fear) Automation

It’s not the coming of the apocalypse. It’s not the end of the security profession. And it’s certainly not a bad thing. We’re talking about the rise of automation. As security threats become a bigger part of the day-to-day concerns at all types of organizations, bringing in machines has become necessary to keep up. In fact, security automation can help you become even more valuable as an employee. Being at the heart of the security orchestration and automation [http://4hko.drordi.com/solutions/s

1 min Komand

Everything You Need to Know About Building a Career in Security

Are you thinking about pursuing a career in security? Or have you already started one, and you’re wondering what it will take to get to the next level? Perhaps you have been in the security field for a long time, and it’s starting to feel a little stale? Regardless of where you are in your journey, we’ve put together a helpful guide full of valuable information and real-world anecdotes about what it means to pursue this dynamic and challenging vocation. Free eBook: Defining Your Career Path as

3 min Komand

SOC Series: How to Choose the Right Skills for Your SOC

Do you have the right mix of skills in your security operations center (SOC) [http://4hko.drordi.com/fundamentals/security-operations-center/]? Whether your SOC is brand new or has been around for years, you need to be sure it’s built to meet the demands of today’s complex security landscape. In this post, we’ll define the most important skills any SOC should have today so you can be sure to have the right mix of people to safeguard your business. Effective Team and Communication Skills Regard

3 min Automation and Orchestration

How to Password Protect Apache Directories with mod_authn_dbd and MySQL on Ubuntu Linux

Synopsis The mod_authn_dbd is an Apache module that provides the functionality for Apache to authenticate users with MySQL database. This module provides authentication front-ends such as mod_auth_digest and mod_auth_basic to authenticate users by looking up users in MySQL tables. Apache’s mod_authn_dbd supports a wide range of drivers such as, ODBC, MSSQL, SyBase, MySQL, Oracle, PostgreSQL and SQLite. This module allows execution of arbitrary SQL for user / password matching and also support al

3 min Automation and Orchestration

How To Secure Apache with Let's Encrypt on Ubuntu Linux

Synopsis Improving your website security has generally been most complicated and expensive task for every Linux administrator. Let’s Encrypt is a free, automated, and open certificate authority that provides free X.509 certificates for Transport Layer Security encryption via an automated process. It is very complex process to install and add an SSL certificate to a web server. You can make it easier with the help of Let’s Encrypt. You can easily encrypt data [http://4hko.drordi.com/fundamentals/

4 min Automation and Orchestration

How to Secure SSH Server using Port Knocking on Ubuntu Linux

Synopsis Port Knocking is a method used to secure your port access from unauthorised users. Port Knocking works by opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall will open the port that was previously closed. The main purpose of port knocking is to defend yourself against port scanners. Changing your default ssh port is not a secure method to protect your server, becaus

3 min Automation and Orchestration

How to Secure MySQL Server on Ubuntu Linux

Synopsis Now a day database server is very critical and necessary component for any applications. Databases can be found in everything from web applications, web server to smartphones and other devices. Most of software applications rely on a database to store its data. This is the reason why databases are the number one target of any attackers. Among all the databases MySQL and MariaDB has become the world’s most popular open source database due to its fast performance, high reliability and eas

23 min Komand

An Interview with Rebekah Brown, Co-Author of Intelligence-Driven Incident Response

We recently interviewed Rebekah Brown for our Defender Spotlight series [/2017/08/09/defender-spotlight-rebekah-brown-rapid7/] on the topic of her life as a cybersecurity defender. When we spoke with her, she also talked in-depth about how threat intelligence can inform and improve the incident response lifecycle. Rebekah practices these concepts in her day-to-day life as a defender, and she’s even co-authored a book on this very topic called Intelligence-Driven Incident Response [http://shop.o

3 min Automation and Orchestration

RSA (Rivest, Shamir and Adleman)

Synopsis Rivest, Shamir & Adleman (RSA) is the public key cryptosystem.  The phenomenon of data transmission is secured through it. The letters “RSA” are the initials of the inventor of the system. Four steps are incorporated in this algorithm: Encryption, Decryption, Key Distribution and Key Generation.  After the development of public-key cryptography, the most famous cryptosystem in the world is RSA. In order to maintain proper security, the decryption exponent of RSA must be greater than cer

3 min Automation and Orchestration

What is Data Encryption Standard (DES)?

Synopsis The Data which is encrypted by symmetric key method is called Data Encryption Standard (DES). It was prepared by IBM Team in 1974 and declared as national standard in 1977. Government was also using cryptography, especially in diplomatic communication and military. Without cryptography it’s difficult to interpret military communication. Cryptography was also used in commercial sector. Federal Information Processing Standard (FIPS) was also working on DES. FIPS was integrated with comput

4 min Komand

How to Use Your Threat Model as a Guidepost for Security

The threats you face are unique to your company's size, industry, customer base, and many other factors. So your approach to protecting your organization's digital data should be unique, too. In this post, we’ll cover a framework to develop an effective threat model that will fits your organization's unique needs. The Factors that Determine Your Unique Threat Model There are many factors that can determine your threat model. And while this will vary from company to company, we've identified th