
The Tech Break

How are you Protecting your Website?

Mar 02, 2017 / by Matt Hannula posted in IT, IT Solutions, Security, IT Services, WAF, Cyber Security, Web Application, Website

At the end of last year, I went to a Cyber Security event, and the keynote speaker, Charlie Miller, a renowned hacker, talked about vulnerabilities in code. In his opinion, because we are human, we make mistakes, and when we make mistakes in writing code (very common), vulnerabilities are created. It is stated that 96% of Web applications have code vulnerabilities (Cenzic). Charlie found one tiny vulnerability in his Jeep which allowed him to hack the vehicle and take control of the steering wheel.


Identity Access Management in an Application Driven World

Feb 16, 2017 / by Matt Hannula posted in IT, Security, IT Services, ROI, TCO, Identity Access Management, Okta

Your employees use a ton of applications, whether they are web-based, cloud-based, or on-premises. Making sure your users have access to these applications is integral to business productivity. On the other side of things, making sure you have visibility into, and policy on, which applications can be accessed is extremely important to compliance and the overall security posture of your organization.


The World of VMware cloud on AWS

Nov 21, 2016 / by Matt Hannula posted in IT, IT Solutions, Security, Cloud Migration, Cloud, IT Services, AWS, Vmware, Datacenter

The leader in private cloud datacenter services and the leader in public cloud services partner to bring the best of both worlds and a hybrid IT solution to your datacenter. Is it a match made in heaven?


IT Transformational Change

Nov 15, 2016 / by Matt Hannula posted in IT, IT Solutions, Security, IT Services, Transformational Change, Datacenter, strategy

I recently attended an event at San Diego State University known as Link2Cyber.


Ransomware: To Pay or Not to Pay?

Oct 17, 2016 / by Matt Hannula posted in IT, IT Solutions, Security, Innovation, ransomware, information technology, zero day threats

You know your business better than anyone else. How much money will you lose due to system downtime? What is your cost of recovery? How much is your data worth? I think the answer here is simple: pay the ransom if it is going to seriously affect your business.


The CIO: Why they have the Hardest C-level job

Oct 10, 2016 / by Matt Hannula posted in IT, IT Solutions, Security, technology solutions, Technology Road Map, Innovation, CIo, CEO, collaboration, IT Services

Long before technology took over our world, CEOs held the role of total responsibility. If a company started to lose profits, market share, etc. the CEO was to blame.


CEO vs. CIO: Setting Expectations

Oct 05, 2016 / by Matt Hannula posted in IT, IT Solutions, Security, Technology Partner, technology solutions, migration, Cloud Migration, CIo, CEO

Long gone are the days of business and IT segregation.


The Merger, Acquisition, & Complex Organization Problem

Sep 14, 2016 / by Matt Hannula posted in IT, Security, technology solutions, access management, Active Directory, migration, user efficiency, acquisition, merger, single sign on

Are you in the midst of a merger or acquisition, or is your organization complex? If so, you may be experiencing this challenge.


Three Reasons Why I.T. is Important to Your Organization

Sep 14, 2016 / by Matt Hannula posted in IT, IT Solutions, Security, technology solutions, Bird Rock Systems

The digital age has brought amazing innovations to the working world like Skype, Dropbox, Office 365, and so much more. At the same time, the digital age has brought many headaches and concerns. Some take the form of a disastrous ransomware attack on healthcare systems; others have less grave consequences, such as a faulty Wi-Fi connection.


Palo Alto Firewall: PAN-OS 7.0 is here!

Jul 10, 2015 / by Joseph Javien posted in Palo Alto Networks, PAN, PAN-OS 7.0, Security

Written By Larry Hoehn

Here’s a brief overview of a couple of the new features and upgrades included in the new PAN-OS 7.0 release. At a high level, the new version addresses these issues:

  1. Turning alerts into action. According to a report from Ernst & Young, 33% of security professionals don’t know how long it takes to respond to alerts.
  2. Discovering unknown threats. According to the 2014 Verizon DBIR, there were $400M in financial losses from 700 million compromised records. Much of that was from unknown threats, and 75% of attacks spread from Victim 0 to Victim 1 within 24 hours.

To help with the first challenge, the ACC tab has been redesigned with actionable data:

That new widget shows application usage – the bigger the box, the more application usage on the network. Red means critical, orange means important. You can quickly get more detail to find critical information with a few clicks. For example, application and user activity:

And network activity with threat levels:

To help with the second challenge (discovering unknown threats): since WildFire already analyzes 20 million samples per week (and growing), Palo Alto added multi-version detailed analysis with a single virtual machine for different versions of software. For example, a file can be run through several versions of Acrobat to see if malware is targeted to a specific version of that application. They’ve also added a new verdict to WildFire to quickly analyze threats. Previously the verdicts were just “malware” or “benign”; the new verdict, “Grayware”, covers things like Adware and Trackware.

A new feature is the automated correlation engine. It’s an analytics tool that verifies compromised hosts in your network. It scrutinizes isolated events across multiple logs on the firewall, examines patterns, and correlates events to identify actionable information such as host-based activities that indicate a compromised host. The engine includes correlation objects that are defined by the Palo Alto Networks Malware Research team. These objects identify a suspicious sequence of events that indicates a malicious outcome. Correlation objects trigger alerts when they match on patterns that indicate a compromised host on your network. For example:

In the example above, if these four indicators are present, we have an automated trigger to alert that there is a compromised host. The following screenshot illustrates how the automated correlation engine combines indicators of threats and highlights the resulting situation as “critical”, which means it exhibits signs of worm activity, to help you determine where to focus effort for fast remediation.

There are many more updated capabilities, but these were a few I thought you would find interesting. When you get a chance, take a look at the new version and let me know your thoughts!