Gartner Magic Quadrant for Security Awareness Computer-Based Training (2018,2017,2016,2015,2014)
IT research and advisory firm Gartner, Inc. has evaluated different vendors in the Magic Quadrant for Security Awareness Computer-Based Training (CBT). Gartner’s evaluation criteria includes market understanding, marketing strategy, sales strategy, product strategy and offering, business model, vertical/industry and geographic strategy, and innovation. What is security awareness computer-based training? End-user-focused security education and training is a rapidly growing market. Demand is…
IBM Security Guardium is designed to help safeguard critical data. Guardium is a comprehensive data protection platform that enables security teams to automatically analyze what is happening in sensitive-data environments (databases, data warehouses, big data platforms, cloud environments, files systems, and so on) to help minimize risk, protect sensitive data from internal and external threats, and seamlessly adapt to IT…
Here are some collections from Internet about Threat Hunting tools, information and resources. 1. Kansa GitHub – Davehull/Kansa http://trustedsignal.blogspot.com/search/label/Kansa http://www.powershellmagazine.com/2014/07/18/kansa-a-powershell-based-incident-response-framework/ Kansa: A PowerShell-based incident response framework Related
ArcSight SIEM Logger Web Gui and Search Tips and Tricks
ArcSight Logger is one of products from Micro Focus SIEM platform. It streams real-time data and categorizes them into specific logs and easily integrates with Security Operations. As a result, organizations of any size can use this high performance log data repository to aid in faster forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously…
Security Events and Data Breaches in 2018, 2017, 2016, 2015, 2014
World’s Biggest Data Breaches Thanks to Lewis Morgan, social media manager at IT Governance. He has compiled this list by month and year since 2014, might be earlier. What I did is to put his month or year list into my this post and count the numbers for leaked records which some of them were missing from original post. Here are…
This post is to collect Internet resources regarding threat modeling. There are some other similar posts regarding Threat Intelligence and Threat hunting. Search my blog you will find more. Threat Modeling Methodologies for IT Purposes Conceptually a threat modeling practice flows from a methodology. Numerous threat modeling methodologies are available for implementation. Based on volume of published online content, the…
Install Latest Splunk 7.2.0 on Ubuntu 18.04 LTS at Google Cloud Platform
Installing Splunk 7.2.0 into Ubuntu is super easy. I had a video to introduce how to install Splunk in a windows server in my previous post. This time, I am going to present an installation process for Splunk 7.2.0 installed into Ubuntu 18.04. Ubuntu is running on Google Cloud Platform. 1. Create a new Ubuntu 18.04 LTS VM from GCP ->Computer…
The Qualys Cloud Platform and its integrated apps can simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Qualys Scanner Appliance is an option with the Qualys Cloud Platform. With the Qualys Scanner Appliance, you can easily…
Mobile Iron Centry provides access control for email. Sentry connects to Microsoft ActiveSync-enabled email systems such as Microsoft Exchange, IBM Lotus Notes, Google Gmail, and Microsoft Office 365. MobileIron Sentry is an in-line gateway that manages, encrypts, and secures traffic between the mobile device and back-end enterprise systems. Like the VSP, it may be deployed as a physical hardware appliance or a virtual appliance using VMware ESX. Mobile Iron Sentry is included in the Mobile Iron Advanced Management package, though the hardware appliance is sold separately.
MobileIron’s [email protected]App connects your Android device to your company network so that you can easily and securely access email and other work resources. [email protected] App works in conjunction with a MobileIron Core server deployed by your company’s IT organization. .
In this post, I am using sentry-mobileiron-7.0.1-29.iso to do installation into Vmware Workstation 10.
Choose vm-install since I am using virtual machine installation:
Follow the screen instruction, step by step to provide all information:
login as: admin [email protected]’s password: ************************************************************ * MobileIron Sentry CLI * * * * * ************************************************************ Welcome admin it is Thu Mar 24 16:09:29 UTC 2016
[email protected]> enable Password: [email protected]setry.test.com# ? clear Reset functions configure Enter configuration mode curl Allows you to run curl operation disable Turn off privilized commands end Exit from privilige context exit Exit from the EXEC help Description of the interactive help system host Query Internet name servers install Install tools or rpms logout Exit from the EXEC no Negate a command or set to its defaults ping Send echo messages poweroff Power off the system. reload Halt and perform a cold restart service Allows you do service operations setup Run the SETUP command facility show Show running system information software Check for updates or update software ssh Open a ssh connection telnet Open a telnet connection timeout CLI Idle timeout. traceroute Trace route to destination
write Save configuration [email protected]setry.test.com# show banner clock fips hostname interfaces ip kparams log logging logtail memory ntp processes registration running-config
sentry service software statichost system tcp tech timeout version
[email protected]# show running-config Display running configuration interface GigabitEthernet 1 ip address 192.168.236.101 255.255.255.0 no shutdown end interface GigabitEthernet 2 no ip address shutdown end interface GigabitEthernet 3 no ip address shutdown end interface GigabitEthernet 4 no ip address shutdown end ip route 0.0.0.0 0.0.0.0 192.168.236.1 no dbconfig service ssh 5 service telnet 5 no service ntp service iptables enable ip name-server 126.96.36.199 0 ip name-server 188.8.131.52 1 ip domain-name test.com hostname setry.test.com timeout 0 system user admin *** [email protected]# [email protected]setry.test.com# reload System configuration may have been modified. Save? [yes/no]: yes Configuration saved. Proceed with reload? [yes/no]: yes Broadcast message from root (pts/0) (Thu Mar 24 17:58:05 2016):
The system is going down for reboot NOW!
After reboot, you should be able to access https://192.168.236.101:8443 GUI interface. You will have to reboot once after the configuration to enable GUI access.