Posts By Jean-Paul Bergeaux

Sep 01, 2015 By Jean-Paul Bergeaux In Blog

Insights from Black Hat and DEFCON 2015: Active Directory vulnerabilities pose risks

Although it didn’t make a big news splash, one of the best presentations at both Black Hat and DEFCON provided a comprehensive summary of all vulnerabilities, configuration issues, and best security practices for enterprises using Microsoft Active Directory. This was the first presentation at these conferences by Sean Metcalf, who is more...

Aug 12, 2015 By Jean-Paul Bergeaux In Blog

BlackHat and DEFCON Highlight Dangers Ahead

In my sprint through five days of sessions, demonstrations, presentations and conversations at this year’s DEFCON and BlackHat conferences, I noted several compelling security challenges that cannot be ignored by those in the defensive security field. I summarize some of the issues and problems below. I intend to explore them more fully in...

Aug 04, 2015 By Jean-Paul Bergeaux In Blog

DEF CON Promises a Secure Network for Attendees. Should I Trust It? (Hint: I’ll be using Airplane mode)

I have been to several cyber security conferences over the last few years and was always astounded that they even offered free WiFi, as if it were a joke. Why would I connect to anyone’s WiFi among a collection of security people, especially considering it’s not hard for any random person to get close enough to either hack through the...

Jul 29, 2015 By Jean-Paul Bergeaux In Blog

Android Vulnerability Highlights Two Basic Security Principles

When addressing mobile security, enterprise security teams typically focus on defending the internal organization from attack, both because mobile devices have access to applications and data and because mobile devices can introduce vulnerabilities aimed at exfiltrating data. Yes, many MDM and mobile AV products defend the device itself, but...

May 27, 2015 By Jean-Paul Bergeaux In

The Evolution of an Attack: Moving Beyond Malware

Today’s most dangerous cyber threats are the cyber “snipers” who hide within the noise created by less advanced threats. Here’s how they work: Cyber attackers begin by funding and encouraging attacks by botnets, mass phishing emails, morphing malware and other APTs in order to overwhelm their targets with threats. Then when the bad...

May 22, 2015 By Jean-Paul Bergeaux In Blog

RSAC Recap: Two Sessions That Made Me Think

At the recent RSA Conference 2015, I attended some fascinating meetings and sessions filled with valuable insights. Here are two of them whose presentation slides are available for PDF download:

Hacking Exposed: Beyond the Malware

No surprise here. George Kurtz from CrowdStrike has become a staple of RSAC best sessions. Joined by Dmitri...

May 07, 2015 By Jean-Paul Bergeaux In Blog

Increase Security, Not Complexity

Walking around the RSA Conference, I saw many innovative and powerful security tools that could help federal agencies. However, two problems make it difficult to add any of them to the Security Operations Center (SOC): Cost and Complexity. We all know there is no silver bullet, despite what many vendors will tell you about their products. ...

Feb 20, 2015 By Jean-Paul Bergeaux In Blog

Anthem Hack Should Silence Calls For Regulatory Over Voluntary

The NIST Cyber Security Framework was created in response to President Obama’s call for our Federal Government to do more to help American companies secure their environments. The framework is a voluntary starting point for companies to use, instead of having to start from scratch or hire a security firm to create a baseline to work...

Feb 04, 2015 By Jean-Paul Bergeaux In Blog

Offensive Cyber Warfare

Last fall I attended a presentation by Ryan Sherstobitoff, Principal Security Researcher from Intel Security, about how his lab had put together a system of honeypots and honeynets to capture and document what a ring of cyber hackers were doing in Asia and North America. I was very impressed and intrigued. First, the quality of...

Jan 22, 2015 By Jean-Paul Bergeaux In Blog

Why Virtualize NGFWs?

After the blog I wrote about the dirty little secret of virtual appliances, a few people asked why it’s such a big deal to virtualize a Next-Generation Firewall (NGFW) anyway. “Why not just use appliances? You don’t need that many of them,” they said. I knew right away where the disconnect was. Traditional security environments only...
