Posts published in “Security”

Research firm Gartner defines the Endpoint Protection Platform (EPP) market as one with offerings that "provide a collection of security capabilities to protect PCs, smartphones and tablets," which it said could include anti-malware, personal firewall, port and device control, and more.

The endpoint protection platform provides a collection of security capabilities to protect PCs, smartphones and tablets. Buyers of endpoint protection should investigate the quality of protection capabilities, the depth and breadth of features, and the ease of administration. The enterprise endpoint protection platform (EPP) is an integrated solution that has the following capabilities: anti-malware, personal firewall, port and device control. EPP solutions will also often include: vulnerability assessment, application control and application sandboxing, enterprise mobility management (EMM), typically in a parallel nonintegrated product, memory protection, behavioral monitoring of application code, endpoint detection and remediation technology full-disk and file encryption, also known as mobile data protection, endpoint data loss prevention (DLP).

2019

What is Risk:
Risk = Threat x Vulnerability x Asset

The enterprise risk assessment and enterprise risk management processes comprise the heart of the information security framework. These are the processes that establish the rules and guidelines of the security policy while transforming the objectives of an information security framework into specific plans for the implementation of key controls and mechanisms that minimize threats and vulnerabilities. Each part of the technology infrastructure should be assessed for its risk profile. From that assessment, a determination should be made to effectively and efficiently allocate the organization’s time and money toward achieving the most appropriate and best employed overall security policies. The process of performing such a risk assessment can be quite complex and should take into account secondary and other effects of action (or inaction) when deciding how to address security for the various IT resources.

pfSense is an open source routing and firewall software that is based on the FreeBSD distribution. The basic features including:

pfSense Home Topology

• Static/default/dynamic routing
• Stateful firewall
• Network Address Translation (NAT)
• Virtual Private Networks (VPN)
• Dynamic Host Configuration Protocol (DHCP)
• Domain Name System (DNS)
• Load balancing and so on. 

With many supported add-on packages, other advanced features including:

• Snort (for Intrusion Detection and Prevention)
• FreeSWITCH (Voice over IP)
• Squid (Proxy)
• SquidGuard (URL Filtering/HTTPS inspection)
• Darkstat (Network Traffic Monitor)

Gartner has named Proofpoint (Wombat Security) a Leader in Security Awareness Computer-Based Training for a couple of years as far as I could find.

There are many functions and features I like, but one thing I specially liked is how easy you can setup a training just with a couple of clicks and some basic information entered. The templates from Wombat is already good enough for most situations. In this post, I captured some screenshots to show how easily it can be done.

1. Log into Wombat Platform
Products->Training -> Assignmetns

Wombat ThreatSim® Phishing Simulations are an excellent addition to any security awareness training program, particularly those focused on fighting phishing attacks. Wombat ThreatSim Phishing Simulations serivce has SaaS-based interface which makes it easy to deliver simulated phishing emails and customizable Teachable Moments, which display targeted "just-in-time teaching" messages to individuals who fall for a phishing test.ThreatSim’s customizable email templates address three key testing factors: attachments, embedded links, and requests for personal data. Based on Wombat site, no one else in the industry can offer multiple templates in one campaign, random scheduling of emails to spread out delivery, along with Auto-Enrollment into targeted training if an employee falls for an attack.

This post is a quick step by step guide how to create a basic Phishing Campaign hosted from Wombat ThreatSim platform.

Log into Wombat Security Education Platform and Click ThreatSim -> Phishing Campaigns