Welcome!

Security through Intelligence

Cory Marchand

Subscribe to Cory Marchand: eMailAlertsEmail Alerts
Get Cory Marchand via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Cory Marchand

When I was working on a network assessment team for one of my customers, I would routinely hear upset voices when we would present our findings. The most common thing that the executives would say was, “Wait a minute, aren’t we current on our updates? I saw the compliance report, and we were all green right?” “All green right?” What that Information Security Officer was referring to was a slide that was presented to him showing the level of compliance that the hosts on his network were currently reporting. To him, this meant secure.  It meant that all of his systems were patched to the current patch levels, all anti-virus was up to date, and all 3rd party systems were also updated.  Being “green” was interpreted as “secure” – not only by this executive, but to those reporting to him. Little did he know that while he was having his weekly meeting with his IA staff... (more)

Effective Report Writing Applied to Cyber Security

In almost all professions, report writing is a requirement.  Typically, reports document the success and failures of a particular action. While it may not be your favorite part of the job, report writing does validate your work to the customer. In our profession, Cyber Security, we have the unique challenge of communicating highly technical information in a non-technical format, so that the impact of our efforts can be understood. Early in my career I hated writing reports.  Back then, I had a hard time understanding why reports were so important.  Little did I know that the cou... (more)

DeepIntel 2012 - An Intelligent Security Conference

It has been almost a week now since DeepIntel 2012, a conference focused on Security Intelligence, has wrapped up and I cannot help but think; "Why is this the first conference of its kind?" DeepIntel, a conference covering Security Intelligence using several different approaches, managed to effectively deliver the information both in its speakers and in its audience participation. With the attendees intimate proximity to the speakers, those at DeepIntel were not only involved in the talks, but were integral in the initiatives introduced at the conference. I would say that DeepIn... (more)

Malware Delivery – Understanding Multiple Stage Malware

To some of us, seeing an email with malware embedded in a PDF, Word or Excel attachment is common. In fact, it has become the new norm for malware delivery to use file types that are not obviously malicious (versus something like a .exe). Gone are the days of wide-open acceptance of all file extensions for attachments within an email. In today's network defense-in-depth techniques, one of the layers is naturally email security. This includes the scrutinizing of emails for embedded links or attachments that could be potentially malicious, scanning attachments for possible detect... (more)

Addressing the Root Cause – A Proactive Approach to Securing Desktops

The computers on your network are protected from malware right? If you are operating an environment based largely on Windows based PCs you likely have some kind of anti-virus installed and centrally managed. If you have purchased a more complete desktop protection suite, you probably even have a Host Based IDS/IPS protecting your machine from incoming malicious TCP scans, or possible outbound connections to known malicious sites (like google.com occasionally). Operating system firewall activated? Yep! AV signatures current? Check! Global Threat Intelligence updated? Uh, yeah....s... (more)