Welcome!

Security through Intelligence

Cory Marchand

Subscribe to Cory Marchand: eMailAlertsEmail Alerts
Get Cory Marchand via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Cory Marchand

Imagine for a second you have complete network and host activity trending data built in to your daily reporting and alert consoles that your analysts spend hours in front of. Suddenly one of your SQL servers attempts a GET request directly to an IP address on SSL port 443. Without that trending information of normal behavior of your server activity, how would you detect this? With trending information, your analysts immediately identify this as “out of the norm”, and begin their investigation into the "why". Trending - A way to increase your customer value, and find hidden gems. ... (more)

Anatomy of a Spearphishing Attack

In blogs past, we have discussed the importance of Cyber Security, and how it is one of the most important pieces of the Information Assurance puzzle.  One of the greatest problems that we continue to face as Network Defenders and Information Assurance professionals is human error. We spend millions of dollars on technologies built to protect, block and alert when our IT systems come under fire, but many times the user is the very reason why we are under attack. The Target, The User The user is a soft, fleshy decision-making machine with something our computing systems do not ha... (more)

Security Awareness Training: The Single Most Important Cost in IT Security

Ok, ok, I know the title is a tad dramatic but hear me out on this one. A well-known computer security professional and former NSA research scientist wrote an editorial back in July 2012 stating, "Money spent on security awareness training, is money wasted." Dave Aitel , a respected individual in the world of Computer Security and current CTO of Immunity, made this statement in light of the fact that several high profile intrusions had occurred at the hands of employees who were targeted in spearphishing attacks, some of which lacking in sophistication. I disagree with the above ... (more)

Information Assurance Does Not Equal Information Security

When I was working on a network assessment team for one of my customers, I would routinely hear upset voices when we would present our findings. The most common thing that the executives would say was, “Wait a minute, aren’t we current on our updates? I saw the compliance report, and we were all green right?” “All green right?” What that Information Security Officer was referring to was a slide that was presented to him showing the level of compliance that the hosts on his network were currently reporting. To him, this meant secure.  It meant that all of his systems were patche... (more)

Effective Report Writing Applied to Cyber Security

In almost all professions, report writing is a requirement.  Typically, reports document the success and failures of a particular action. While it may not be your favorite part of the job, report writing does validate your work to the customer. In our profession, Cyber Security, we have the unique challenge of communicating highly technical information in a non-technical format, so that the impact of our efforts can be understood. Early in my career I hated writing reports.  Back then, I had a hard time understanding why reports were so important.  Little did I know that the cou... (more)