INSIDER THREAT SECURITY BLOG

Over the years when presenting at conferences, user groups, and customer presentations I have often talked about some of the “new ways” to help learn tools and techniques in information security. One of the resources I specifically recommend is using Docker containers and Windows Subsystem for Linux to quickly experiment with tooling without the need to manage a virtual machine or other infrastructure. I have often been asked to expand upon this topic so I wanted to document some of these …

Windows Offensive VM from Mandiant FireEye Previously, I wrote a high-level overview of the testing platform Commando VM and an installation guide to get started with it. Today, I’ll be diving into a proof of concept of sorts to show off some of the tools and flexibility that the testing platform offers. My goal with this post is to highlight some things that can be done with the platform, situations enterprises should try to be wary of, and some ways enterprises can identify and prevent s…

Data is what drives business, and businesses are generating and consuming more data all of the time. The explosion of collaboration tools and big data analytics has only accelerated the desire for more employees to share more data across the enterprise. So it’s no surprise to IT teams that we are being asked to retain more data, of all types, make it freely available to employees in different departments and with outside business partners and, oh yeah, secure it all, without any more budget. …