magazi ne

e
I T SECURI TY EXPERTS ONLY
2014. SEPTEMBER NO. 01
Table of contents
Events
Blog
Interview
Books
Movies
Report
Analysts
eCSI camps
3
45
67
8
9
1011
12
13
September
2014
October
2014
Conference Title: IDC Frankfurt
Where: Frankfurt, Germany
11
Conference Title: AppSec USA (OWASP National Conference)
Where: Denver, Colorado, USA
i
16-19
Conference Title: 3rd International Conference
of Cryptography and SEcurity
Systems (CSS14)
Where: Lublin, Poland
22-24
i
Conference Title: Cyber Security Expo
Where: ExCeL London, UK
8-9
i
Conference Title: VB2014-24th Virus Bulletin
International Conference
Where: Seattle, WA, USA
10-11
i
BalaBit will
participate
BalaBit will
participate
EVENTS
Want to participate a good IT security event this
September? Chose from the recommendations below!
3
If you are the IT/security manager of a financial organization, its obvious to you that the Payment Card Industry
Data Security Standard (PCI DSS) is mandatory for your company. Among others, the PCI DSS requires the
implementation of a central access control system and the audit of all administrative accesses to card holder
information. There should be several superusers (administrators, IT contractors, executives, and so on) at your
company, who may have unrestricted access to credit card systems and a card data leakage incident might
result in serious consequences, such as huge fines and reputation damage for your company
System logs cant provide all necessary information about user activities, so the majority of administrative actions
remains unmonitored. Consequently, you need to find a solution to control and audit the remote access of your
internal and external administrators.
Ready for PCI-DSS v3.0? Check out our new white
paper on PCI-DSS compliance and privileged
activity monitoring
by Gbor Marosvri
4
BLOG
SHELL CONTROL BOX A PERFECT FIT FOR PCI DSS 3.0 COMPLIANCE
The BalaBit Shell Control Box (SCB) solves exactly these problems by introducing an independent audit layer
to oversee the sessions of your privileged users. SCB is an activity monitoring appliance that controls
privileged access to remote servers and networking devices and records the activities into searchable
movie-like audit trails. Your existing IT environment requires no change and your staff can do their daily jobs
without affecting the user experience.
After the new 3.0 version of PCI DSS was published in November, we decided to revisit our very popular
compliance-related white papers. Since PCI DSS is such an important standard, we decided to dedicate a white
paper exclusively to this topic. This paper discusses the advantages of using Shell Control Box (SCB) to audit
remote access to UNIX/Linux and Windows servers, networking devices, and virtualized applications to comply
with the latest PCI DSS standard. The document is recommended for technical experts and decision-makers
responsible for data security and/or for policy compliance. From this paper you can learn:
What SCB is and what are its benefits in a compliance environment.
How SCB helps you to fulfill the PCI DSS v3.0 requirements in detail.
To download a copy of the PCI DSS compliance and Privileged Access Monitoring white paper
click here.
Enjoy!
(The Svenska Handelsbanken, the SIA Group, The National Bank of Kuwait as well as The Central Bank of
Hungary are all satisfied customers of SCB.)
BLOG
5
OUR COMMUNITY MANAGER, PTER CZANIK PARTICIPATED THE OPEN SUSE
CONFERENCE THIS YEAR IN DUBROVNIK WHERE HE MET ANDREW WAFAA WHO
CURRENTLY WORKS AT ARM AND, SIMILARLY TO PTER, DEALS WITH OPEN
SOURCE USERS. PTER MANAGED TO CONDUCT A LITTLET INTERVIEW WITH HIM,
YOU CAN READ IT IN THE FOLLOWING LINES.
Pter Czanik
When/why did you start
working on ARM Linux?
Andrew Wafaa
I started working on ARM
Linux in 2011, just after the
openSUSE Conference. After
one too many bottles of Old
Toad (openSUSEs own
beer), I started to get people
interested and kicked the
project off.
Pter Czanik
What are you doing at ARM?
Andrew Wafaa
My official title at ARM is
Principal Engineer, Open
Source. This is a technical
marketing role, which covers
everything and nothing
Effectively my role is to ensure
that the Open Source community
can
run and work well on ARM, and
ensuring that ARM continues to
be as good an Open Source
citizen as possible. This means that I
work across all divisions, which is fun
and interesting. ARM Linux is used
now in many NAS and SoHo routers.
Pter Czanik
Where else can sysadmins run into
ARM based Linux systems?
Andrew Wafaa
ARM is starting to make inroads into
the server space already. Baidu have
deployed Marvell powered ARM
servers for their cold storage solution,
there are also some entrepreneurial
hosting companies which are offering
ARM nodes as physical servers.
Pter Czanik
What are the main advantages of
ARMv8?
Andrew Wafaa
The biggest advantage with ARMv8
is that it provides a real 64bit
computing architecture with a very
low power consumption foot print.
64bit computing is the defacto
standard in the enterprise now, and
for ARM to be successful in the
enterprise we need to be able to
offer what customers want.
Pter Czanik
What hardware would you
recommend for sysadmins to get
known with ARM?
Andrew Wafaa
For ARMv8 people should be able
to get either Applied Micro X-Gene
or AMD Seattle powered devices.
These are the first ARMv8 platforms
on the market and have been
demonstrated at various
conferences, both this year and the
end of 2013. For ARMv7, there is a
wide choice AllWinner boards
being popular and cheap, Samsung
boards are also good.
Pter Czanik
When/why did you start
working on ARM Linux?
Andrew Wafaa
I started working on ARM
Linux in 2011, just after the
openSUSE Conference. After
one too many bottles of Old
Toad (openSUSEs own
beer), I started to get people
interested and kicked the
project off.
Pter Czanik
What are you doing at ARM?
Andrew Wafaa
My official title at ARM is
Principal Engineer, Open
Source. This is a technical
marketing role, which covers
everything and nothing
Effectively my role is to ensure
that the Open Source community
can
run and work well on ARM, and
ensuring that ARM continues to
be as good an Open Source
citizen as possible. This means that I
work across all divisions, which is fun
and interesting. ARM Linux is used
now in many NAS and SoHo routers.
Pter Czanik
Where else can sysadmins run into
ARM based Linux systems?
Andrew Wafaa
ARM is starting to make inroads into
the server space already. Baidu have
deployed Marvell powered ARM
servers for their cold storage solution,
there are also some entrepreneurial
hosting companies which are offering
ARM nodes as physical servers.
Pter Czanik
What are the main advantages of
ARMv8?
Andrew Wafaa
The biggest advantage with ARMv8
is that it provides a real 64bit
computing architecture with a very
low power consumption foot print.
64bit computing is the defacto
standard in the enterprise now, and
for ARM to be successful in the
enterprise we need to be able to
offer what customers want.
Pter Czanik
What hardware would you
recommend for sysadmins to get
known with ARM?
Andrew Wafaa
For ARMv8 people should be able
to get either Applied Micro X-Gene
or AMD Seattle powered devices.
These are the first ARMv8 platforms
on the market and have been
demonstrated at various
conferences, both this year and the
end of 2013. For ARMv7, there is a
wide choice AllWinner boards
being popular and cheap, Samsung
boards are also good.
SOURCE
PHOTO
8
Attracted to the smell of books? Are you going on a holiday but dont have
a book to read? Have a look at the following book and give it a try!
If you are tired of American crimes, go and try this Danish detective
movie. Kvinden i buret, as its original title is, offers you an interesting
story and excellent screenplay with flashbacks. Talented but stubborn in-
spector has no choice but working in the basement with assistant Assad
on cold cases after having made a mistake while on duty. Opening up
an unresolved case and going deeper into it, the two find hidden details
that will throw new light upon the case: did Merete, the successful politi-
cian commit suicide or someone took her life? The only witness is
Meretes mentally disabled brother who communicates hard and does
not open up for anyone.
NOT REALLY INTO BOOKS?
RATHER SIT IN FRONT OF
THE TV? WATCH THIS CRIME
MOVIE THAT WE HIGHLY
RECOMMEND TO YOU!
THE KEEPER OF
LOST CAUSES
2013 / 97 MINUTES / CRIME | MYSTERY | THRILLER
9
84% of IT security risks are a result
of human elements while only half of
budgets are spent to defend against
them announces BalaBit the RSA
survey results at the Gartner Identity
& Access Management Summit 2014
REPORT
Respondents ranked the
main risk factors accord-
ing to their share of IT
budgets in the following
order:
30% prioritized external attackers above all other risks,
28% said system malfunctions are most important,
17% voted for automatic attacks.
While protection against human errors and internal
attackers were a top budget priority for only a small
minority of respondents (13% and 12%, respectively).
REPORT
REPORT
1
0
The biggest difference that our survey
revealed is that IT professionals clearly see
that human errors cause 51 percent of their
losses. But when they are planning their
budget, only 13 percent of them put
preventing human errors at the top of the
list and even 40 percent of respondents
ranked human errors as least important. If
companies are aiming to spend their IT
security budget responsibly, its high time
to do away with this commonly held
fallacy- said Zoltn Gyrk, CEO of BalaBit
IT Security.
But, when IT security
threats were ranked in
order of potential costs,
results show a very dif-
ferent picture:
51% of those surveyed said that human errors cause
the greatest financial loss, and
only 18% for external attackers,
15% for internal attackers,
9% for system malfunctions and 7% for
automated attacks.
Are you listening to the key people in the industries? Here are
some analysts in the IT Security field you should focus on.
Analysts
Gartner: Forrester: KuppingerCole:
ANTON CHUVAKIN
FELIX GAEHTGENS
ANDRAS CSER ALEXEI BALAGANSKI
MARTIN KUPPINGER
MARK NICOLETT
KELLY KAVANAGH
ANT ALLAN
1
2
WELCOME TO ECSI TRAINING CAMP
BECOME AN ECSI OFFICER
Get a fresh insight of post-crime and pre-crime IT investigations
from a series of videos designed to educate and entertain.
GET CERTIFIED
The series consists of modules that can be taken one by one.It
covers all the bases and does not throw you in at the deep end.
Each module ends with a via-phone test and comes complete
with a certificate issued at BalaBit HQ, Budapest. (Now, that in
itself should be enough to send your heart racing)
GETTING STARTED
For Module 1 there are no requirements. Completion of Module 1
is a prerequisite for all subsequent modules!
APPLY HERE
eCSI camp
1
3
We hope you enj oyed!
THE eCSI MAGAZI NE NO. 2 WI LL BE
PUBLISHED I N THE BEGI NNI NG OF
OCTOBER WI TH FRESH CONTENT.
DESI GN: