Security through Intelligence

Adam Vincent

Subscribe to Adam Vincent: eMailAlertsEmail Alerts
Get Adam Vincent: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Adam Vincent

Twitter on Ulitzer Last night Twitter.com was hacked by a group purportedly titled the Iranian Cyber Army, at least that is what people think based on the fact that this group advertised they were responsible by displaying a redirected web page with an Iranian flag and text that takes credit, saying "This website has been hacked by the Iranian Cyber Army". This morning another website (mawjcamp.org), which appears to be a Iranian Reformist website based outside of Iran was also found to have been hacked. This event comes at a time when the United States Government is saying that cyberspace is the next frontier for "organized" military/terrorist organizations to attack US critical infrastructure. Most probably don't think that Twitter is critical, however this does represent a formidable day in the cyber war as although there have been other organized attacks to date,... (more)

Cyber Espionage – Knowing You Are a Target

The existence of a persistent cyber-espionage threat to the military, government, and defense contractors is nothing new. While the ability of these organizations to react and remediate attacks against their networks is still often demonstrably lacking, there is now at least some level of cognizance of the threat and even an expectation of serious, repeated attacks. Awareness is obviously a vital first step on the road to solid security and attack prevention. The widespread press coverage in early 2010 of the compromise of Google and several other companies’ networks brought the... (more)

Using Avalanche for Real-Time Information Sharing

Last Friday at ICS-ISAC’s Fall Conference, I participated on a panel with Aharon Chernin and Johan Rambi that discussed STIX/TAXII and Avalanche.  As a recap, STIX is an emerging standard to describe Cyber Threat Intelligence.  TAXII is a protocol/service that allows STIX XML instances to be exchanged. Avalanche is a soon to be released open source product created by the FS-ISAC that exchanges STIX via TAXII between organizations. Think of STIX as a super language like XML. It’s a starting point to creating an infinite number of standards. In order to make STIX usable as a means... (more)

What is a Threat Intelligence Platform

Last week, Anton Chuvakin from Gartner wrote a blog about what he is calling an Intelligence Management Platform. He includes some thoughts by Facebook on how they are building their own platform.  He alludes to non-public sources and I’m sure ThreatConnect™ is one, so rather than keep you all in suspense, I thought this would be an opportune time for ThreatConnect to say what we think a Threat Intelligence Platform is. Rick Holland from Forrester said recently at a SANS conference that the threat intelligence platform is like the quarterback of your operations. The threat intel... (more)

Combating Sophisticated Cyber Threats

I was part of a panel titled “Developing Security Strategies to Successfully Combat Sophisticated Threats to your Network, while Protecting Customer Privacy” at the TM Forum conference two weeks ago.  Given the topic, and the interesting conversation, I wanted to highlight some of the ideas expressed around sophisticated threats. Verizon’s Marc Spitler, and AT&T’s Brian Rexroad. Daniel O’Donnel from Network Critical and Ajay Uggirala from NetScout, and Martin Huddleston from United Kingdom (UK) Ministry of Defense (MoD) accompanied me on the panel. In essence, cyber-attack is big... (more)