esphion.blogs.com
Esphion: What is Zero Day protection?
http://esphion.blogs.com/esphion/2005/10/what_is_zero_da.html
October 21, 2005. What is Zero Day protection? Let me try to clear up some confusion about the meaning of. Unfortunately, many vendors of security solutions modify the definition of this term as needed, to make their products appear in the most positive light. After all, they all want to be able to say: We offer zero day protection! Well, not so quick, please. On one hand, and the. Was, in effect, exploiting a zero day vuln...
esphion.blogs.com
Esphion: Rescuing the IPS
http://esphion.blogs.com/esphion/2005/09/rescuing_the_ip.html
September 26, 2005. Lately, as we are talking to customers and partners, we are hearing one particular message more and more often: Disappointment in the performance of IPSs. Budgets being reallocated from IPS deployment projects to NBAD projects. In this article, I would like to explore where the disappointment comes from, and how IPS deployments (and investments) can be rescued. The wonderful world of IPS marketing. The prime...
esphion.blogs.com
Esphion: Network traffic surgery - Or: How to remove bad traffic with fine-grained signatures
http://esphion.blogs.com/esphion/2005/06/network_traffic.html
June 10, 2005. Network traffic surgery - Or: How to remove bad traffic with fine-grained signatures. One of the problems that many organizations have when faced with network anomalies, such as DDoS attacks and worm outbreaks, is that it is hard to remove the traffic from their network while keeping the business running. This would not be ide...
esphion.blogs.com
Esphion: Your private threat-detector
http://esphion.blogs.com/esphion/2005/11/your_private_th.html
November 17, 2005. We all know that it is a good idea to place smoke detectors throughout our houses. In theory, though, we could also wait for the neighbors, or the community in general, to call the fire-department once they see flames coming out of our house. Or if there is a larger fire in our neighborhood, we could assume that the sound of the sirens will be enough to alert us. If your network is targeted by a specific DDoS attac...
esphion.blogs.com
Esphion: New liabilities - Or: Why anomaly detection has to be part of best-practices security
http://esphion.blogs.com/esphion/2005/08/new_liabilities.html
August 19, 2005. New liabilities - Or: Why anomaly detection has to be part of best-practices security. In an opinionated, but insightful article. Worm outbreaks as security events. This means then that organizations in certain industries, in which regulations apply such as the Sarbanes-Oxley act, may face severe penalties for any such security incident. At the same time, these organizations are burdened with an I...
esphion.blogs.com
Esphion: Industry Observations
http://esphion.blogs.com/esphion/industry_observations
April 03, 2007. Firing-Up The Esphion Blog. We're firing-up the Esphion blog again! We've had our heads-down for the past year growing the business and developing the next generation of our solution. So, there is lots to talk about. More to come. April 03, 2007 in Industry Observations. September 07, 2005. Interesting post over at the Infosecurity blog, in which Mike looks at different approaches - and makes a key point in that anomaly detection is part of any layered defense model.
esphion.blogs.com
Esphion: Selling vulnerabilities to the highest bidder
http://esphion.blogs.com/esphion/2005/09/selling_vulnera.html
September 01, 2005. Selling vulnerabilities to the highest bidder. In my recent article about the. Yesterday then, the. However, the article points out that if the offered bounty is not satisfactory to the discoverer of the vulnerability, they may just find someone else who is willing to pay more. The implication is, of course, that we may witness the beginning of a large-scale black-market for newly discovered vulnerabilities. September 01, 2005. I mean thomas sa...
esphion.blogs.com
Esphion: Worm detection - You need to do it yourself
http://esphion.blogs.com/esphion/2005/08/worm_detection_.html
August 06, 2005. Worm detection - You need to do it yourself. Recently, as outlined in this CNET article. The details are explained in that article. In essence, those networks use honeypots and the monitoring of activity on unused IP addresses to detect worm activity or capture worm samples. Both approaches can be detected with different techniques. Worse yet: A fast spreading worm, such...
esphion.blogs.com
Esphion: Red Herring
http://esphion.blogs.com/esphion/2005/09/red_herring.html
September 07, 2005. We're thrilled to have been named one of Red Herring's Top 100 Private Companies of Asia. The list is Red Herring’s 2005 selection of the 100 most promising private technology companies in Asia. Cool. Here is what Greg (our CEO) had to say in his press release: September 07, 2005 in Esphion News. Your changes sound great! Good luck to everyone in the election(s). Posted by: pandora online. The comments to thi...