Vulnerability Scanning

 

Vulnerability scanning is the systematic identification, analysis and reporting of technical security vulnerabilities that unauthorized parties and individuals may use to exploit and threaten the confidentiality, integrity and availability of business and technical data and information. External vulnerability scanning specifically examines an organization’s security profile from the perspective of an outsider or someone who does not have access to systems and networks behind the organization’s external security perimeter. Your external IPs be scanned once a year, once a quarter or monthly.

Read More

Mobile Application Scanning

 

Mobile platforms by default make certain promises about their environment. Development teams should not rely on these promises to protect critical data and code. Architecture review and threat modeling process will includes assessing and documenting security risks in the context of use cases, services, roles and functions unique to your application. The threat modeling is performed in collaboration with your business, engineering, operations and corporate security teams to understand and create the system’s security objectives, threat profile, attacks, vulnerabilities and countermeasures from design to deployment.

Read More

Darkweb Credential Monitoring

 

We provide the best approach to eliminate the biggest cause of massive data breaches, the weak and/or stolen password. We continuously monitor the dark web for stolen databases and identities, and maintains the encrypted data in our proprietary database. When integrated with an IAM solution, we can provide superior visibility into user-centric risk and the ability to automate appropriate corrective actions, preventing the abuse of compromised credentials.

Read More
Verizon has launched the pocketable MiFi router. The MiFi 2200 has CDMA with EV-DO Rev. A. So you can roam around without a datacard as the only means for your laptop on the middle of nowhere. This credit card size access point can connect multiple devices such as your iPhone or a laptop. I havent bought a gadget in awhile, but this might be the one. mifi_full Sitting on the plane for three hours in a delay might be more tolerable if you can get online. Not having to pay for TMobile hotspot access and not being tethered to your laptop, all great features. But what about the dangers?  Wireless security is a challenge here and it should be addressed sooner rather than later. The wireless risks actually havent changed. But the reality is that if someone uses the MiFi to connect their IPhone rather than using the ATT network to browse, do you think they will think as much about security as if they used a laptop? Probably not.  Using portables to get online doesnt seem as dangerous as a laptop does it? People equate more “data” risk with a laptop, but most portable devices have tons of stored data, contacts, files etc. They are at risk and the education isnt there yet about these risks. Should you be running antivirus on your portable device? Should you have an iPhone Firewall application? So what do you need to do? Well the steps are pretty much the same as for other wireless hotspot access points: 1) Require encrypted authentication 2) Change default username and passwords 3) Disable broadcast of the SSID 4) Enable logging and alerting 5) Have hostbased security tools such as antivirus, firewalls and intrusion detection on your portable devices if possible. If you are so old fashioned that you dont have one of these in your pocket and you need a hotspot, try the HotSpot finder Jiwire, http://www.jiwire.com/  Here are some interesting Wifi hotspot stats from Jiwire

Top 10 Location Types

Rank Type Locations
1 Hotel / Resort 59,224
2 Cafe 39,310
3 Other 38,430
4 Restaurant 37,159
5 Public Space / Public Building 19,386
6 Store / Shopping Mall 16,063
7 Office Building 10,145
8 Pub 5,478
9 Hotzone 5,413
10 Airport 2,938
 

Gary Bahadur

baha@kraasecurity.com

http://www.kraasecurity.com

http://blog.kraasecurity.com

http://twitter.com/kraasecurity

*Vulnerability Management

*Compliance & Policy Development

*PGP Security

*FREE Website Security Test

Enhanced by Zemanta
Verizon has launched the pocketable MiFi router. The MiFi 2200 has CDMA with EV-DO Rev. A. So you can roam around without a datacard as the only means for your laptop on the middle of nowhere. This credit card size access point can connect multiple devices such as your iPhone or a laptop. I havent bought a gadget in awhile, but this might be the one.  mifi_full Sitting on the plane for three hours in a delay might be more tolerable if you can get online. Not having to pay for TMobile hotspot access and not being tethered to your laptop, all great features. But what about the dangers?  Wireless security is a challenge here and it should be addressed sooner rather than later. The wireless risks actually havent changed. But the reality is that if someone uses the MiFi to connect their IPhone rather than using the ATT network to browse, do you think they will think as much about security as if they used a laptop? Probably not.  Using portables to get online doesnt seem as dangerous as a laptop does it? People equate more “data” risk with a laptop, but most portable devices have tons of stored data, contacts, files etc. They are at risk and the education isnt there yet about these risks. Should you be running antivirus on your portable device? Should you have an iPhone Firewall application? So what do you need to do? Well the steps are pretty much the same as for other wireless hotspot access points: 1) Require encrypted authentication 2) Change default username and passwords 3) Disable broadcast of the SSID 4) Enable logging and alerting 5) Have hostbased security tools such as antivirus, firewalls and intrusion detection on your portable devices if possible. If you are so old fashioned that you dont have one of these in your pocket and you need a hotspot, try the HotSpot finder Jiwire, http://www.jiwire.com/  Here are some interesting Wifi hotspot stats from Jiwire

Top 10 Location Types

Rank Type Locations
1 Hotel / Resort 59,224
2 Cafe 39,310
3 Other 38,430
4 Restaurant 37,159
5 Public Space / Public Building 19,386
6 Store / Shopping Mall 16,063
7 Office Building 10,145
8 Pub 5,478
9 Hotzone 5,413
10 Airport 2,938
 

Gary Bahadur

baha@kraasecurity.com

http://www.kraasecurity.com

http://blog.kraasecurity.com

http://twitter.com/kraasecurity

*Managed Security Services

*Vulnerability Management

*Compliance & Policy Development

*PGP Security

*FREE Website Security Test