Welcome!

Security through Intelligence

Cory Marchand

Subscribe to Cory Marchand: eMailAlertsEmail Alerts
Get Cory Marchand via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Cory Marchand

"Cyber Threat Analysis" is the practice of effectively fusing knowledge of an organizations network vulnerabilities, both internal and external (including essential IT systems), and matching these against actual cyberattacks and threats seen out in the wild.  The output of this fused analysis is an advanced defensive detection mechanism with a final goal of enhancing the defensive posture of the network against real cyber threats. Security Intelligence We at Cyber Squared refer to this as "Security Intelligence".  Security Intelligence transitions our clients from a state of reactive security to a proactive one through an intelligence-led, threat-focused approach to cyber security. Combining the ability to share relevant threat knowledge and effectively understand your own defensive weaknesses, as well as your gaps in detection, can help you assess global threats ot... (more)

Social Networking - A Playground for Cyber Criminals

As a Security Analyst, I witness very sophisticated Advanced Persistent Threat (APT) attacks as well as low level cyber criminals attempting to steal bank information, credit card data and website login credentials. One commonality that the cyber criminals and the APT share is the method for gaining access to information, which typically occurs through an end users email. When it comes to the criminal element of cyber attacks, I am often amazed at the lack of sophistication and effort that is asserted against their victims. It leads me to ask the question, "How on earth are these... (more)

Malware Analysis - A Cost Effective and Quick "How To"

Malware analysis can be a time consuming process, especially when dealing with a sample from skilled attackers with time and money on their side . There is no doubt that fully reversing malware and finding out how it works is the most effective way to learn how to defend against it, but most businesses don't have the time or the professional resources to do it. There are ways in which you, a Computer Network Defender, can glean enough information from malware to be used in IDS and AV signature creation, DNS poisoning and blocking as well as sharing with the CND community. This can... (more)

Anatomy of a Spearphishing Attack

In blogs past, we have discussed the importance of Cyber Security, and how it is one of the most important pieces of the Information Assurance puzzle.  One of the greatest problems that we continue to face as Network Defenders and Information Assurance professionals is human error. We spend millions of dollars on technologies built to protect, block and alert when our IT systems come under fire, but many times the user is the very reason why we are under attack. The Target, The User The user is a soft, fleshy decision-making machine with something our computing systems do not ha... (more)

Addressing the Root Cause – A Proactive Approach to Securing Desktops

The computers on your network are protected from malware right? If you are operating an environment based largely on Windows based PCs you likely have some kind of anti-virus installed and centrally managed. If you have purchased a more complete desktop protection suite, you probably even have a Host Based IDS/IPS protecting your machine from incoming malicious TCP scans, or possible outbound connections to known malicious sites (like google.com occasionally). Operating system firewall activated? Yep! AV signatures current? Check! Global Threat Intelligence updated? Uh, yeah....s... (more)