Tag Archives: data protection

Incident Response services now available!

Security Incident Response is like firefighting: it’s not something you need every day, but when you need it, you want the best, and you want it fast. We’re proud to announce our new cyber security incident response team, and we’d like to tell you what they do, and how best to utilize this new service. We call it SIRT – the Secure Ideas Response Team.

By helping to identify vulnerabilities and weaknesses within your network, we have worked with your organization to minimize the risk of a breach, and to limit the potential damage caused by such an occurrence. But cyber attacks are an inevitable reality of the world today.   We all have seen dramatic increases in cyber-attacks on American companies.  At Secure Ideas we want to prepare our customers for these business-disrupting events, and protect them from the incredibly high costs associated with a traditional breach recovery.

In the event of a security breach – like ransomware, a botnet, or other malware that brings down your business processes – you will need experts who have highly technical incident response training, and the equipment necessary to stabilize, recover, and restore your network environment. You need them fast.

SIRT is here to respond when a crippling attack happens.

Our focus is on stopping the emergency, stanching the flow of your data out of the network, and getting your critical systems back up, as fast as possible.

The costs associated with the restoration of a breach of business-critical systems can be in the millions. And that doesn’t include the costs resulting from customer liability claims, loss of intellectual property, or loss of revenue.

For Secure Ideas customers, there are two main ways you can engage this service: during an incident or on a retainer.

You could wait until you have an incident. When you do, you can give us a call, and SIRT will respond as quickly as they can.

But there are a few reasons why we recommend that you do not wait until you have an incident to take advantage of SIRT, and here’s the most important one:  It is much less expensive if you engage SIRT on a retainer.  We give SIRT customers a 24% discount on hourly rates if we have a retainer agreement in place. And, we bill for fewer hours, because we’ll already have a working knowledge of your network environment and we will have prepared for your emergency response.

Without an established relationship, we will have to begin the response with a rapid assessment, a questionnaire, and an exploratory evaluation of the network. Those take hours – hours that seem like days when you’re in the middle of an emergency.  For retainer customers, we conduct those exploratory questions and inventory in advance, at no cost. This means both that we will know what we are walking into when we receive your call, and that the overall costs of any response are lower:  when we respond to an incident, we charge by the hour – this preparation can save thousands.

SIRT Retainer customers get fast-track service. We promise our retainer customers a one-hour initial callback time and priority scheduling, which means we will be on site faster, working to minimize damage and restore functionality.

We would love to discuss this with you, and send you the retainer agreement to review. Then we can get you in touch with our SIRT members, so that they can answer any questions you may have.  Feel free to reach out to us at info@secureideas.com.

Facebook Removes Privacy Settings (or Why it’s hard to hide information on the Internet)

A few weeks ago Facebook announced the removal of a “Search” setting. That’s their marketing term for a privacy setting. The setting in question allowed a user to prevent his or her Facebook profile from being discovered via Facebook’s search function. Now before you go look for it, you should know that most of us… Continue Reading

Burp Extension for F5 Cookie Detection

This past February, my colleague James Jardine wrote an excellent blog post called “Decoding F5 Cookie” where he described in detail how F5 load balancers use a persistence cookie (called the BigIP cookie) and how to use a standalone script to decode the value, exposing the IP and port of a back-end resource.… Continue Reading

Your Passwords Were Stolen: What’s Your Plan?

If you have been glancing at many news stories this year, you have certainly seen the large number of data breaches that have occurred. Even just today, we are seeing reports that Drupal.org suffered from a breach (https://drupal.org/news/130529SecurityUpdate) that shows unauthorized access to hashed passwords, usernames, and email addresses. Note that this is not a… Continue Reading

Active Defenses?

Active defense, often mistakenly called hacking back, is a common topic thrown around the security space lately. And I think there are a number of reasons for this. Current security technologies are beginning to show significant strain. It seems almost daily there is a breach of another large company or government institution. Many of these companies… Continue Reading

Finding the Leaks

One of the common vulnerabilities we find when performing internal network penetration testing is sensitive data on open SMB file shares. Now, by “open” I am including both unauthenticated file shares and file shares that allow any authenticated user. It certainly makes sense for organizations to have file shares that are accessible to all employees… Continue Reading

SH5ARK: Taking a Byte out of HTML5

The new features in HTML5 have opened a whole new world of opportunities for developers and for attackers. Secure Ideas recognized this and, with the help of the DARPA Cyber Fast Track program, started a project called Securing HTML5 Assessment Resource Kit, or SH5ARK. The intent of this project was to build a repository with… Continue Reading

How To: Encrypting Mac Mail

As a security consultant who travels frequently, it is critical to implement security controls to protect sensitive data on my computer. One of the most often overlooked types of data is locally stored email. A quick search on the web identified some good ways to encrypt the Mac Mail store. A great resource that I found was an… Continue Reading