Home – Posts tagged "Security"
Troubleshooting the Splunk App for Enterprise Security
May 7, 2013 —
Intro Welcome Splunkers! In this post, I’d like to talk about an issue I encountered recently when working on a Splunk App for Enterprise Security v2.2.1 (ES app) deployment and the approach I took in troubleshooting it. But before getting started, I’d like to congratulate Splunk and their Security Products team for winning the SC →
Categories: Operational Intelligence
Passwords: Sharks Can Smell a Breach a Mile Away
February 5, 2013 —
2013 is not shaping up to be a banner year for Internet security. 2012 saw data breaches like 6.5 million LinkedIn password hashes leaked, 420,000 member accounts from social network Formspring, Yahoo! Voices more than 400,000 usernames and passwords, 1.5 million passwords from the online dating site eHarmony. Twitter is the latest system to suffer →
Categories: Best Practices, Cool Tools
Security Hardening Open Source Projects
October 31, 2012 —
A client recently had a stream of attacks on several of their online applications. Thanks to excellent monitoring, solid architecture and nice, clean installations, the attacks were easily rebuffed. Cheers to all involved. Just the same, the attacks gave me some insights on what a typical attack vector looks like to an online intruder. There →
Categories: Best Practices
Packing Passwords
August 16, 2012 —
A common problem faced at the workplace and at home is finding a way to securely store your passwords. With people like “Anonymous” and identity thieves out there, gone are the days for scribbling passwords on post it notes (who would do such a thing?!?), or keeping word docs with your passwords listed on your →
Categories: Cool Tools
Is your Organization Operationally Intelligent?
September 23, 2011 —
Data over here, Data over there, Data everywhere… We live in an an age where there is probably more data compiled about a newborn child in it’s first 1yr of life than was compiled about their great grand parent in their entire lives! Imagine collecting health data for the nearly 4.25M kids that are born →
Categories: Operational Intelligence
What is Portal Integration?
May 24, 2011 —
I recently helped to integrate Salesforce into the WCI portal. Whenever planning to integrate a third party system into the portal, it’s helpful to think about what “integration” really means. Over the years, it has helped me to define 3 “levels” of integration into the portal. Level 1: Shallow Linking This first level is really →
Categories: Best Practices, Enterprise 2.0
When is a user not who they seem?
May 6, 2011 —
The phone rings. It is your credit card company. They’ve had some ‘suspicious’ charges show up on your credit card, and would like you to verify them. However, they first need to confirm you are the credit card holder, so they ask you to verify the credit card number, the security code from the back →
Beware the Security Propagation Bug(s)
September 28, 2008 —
We’ve warned you before about ACL propagation when you’re changing the security in ALI. Heck, we even created a product to ease the pain of this important task. Today’s bug is about another issue with security propagation. Well, it’s actually 2 bugs (maybe 3). Let me explain: When you answer “yes” to that question about →