This is Shannon Lietz's Typepad Profile.
Join Typepad and start following Shannon Lietz's activity
Join Now!
Already a member? Sign In
Shannon Lietz
Recent Activity
As developers move more aggressively to utilize the Public Cloud, Agile, Continuous Integration, and Continuous Deployment as its method for innovation, it is surely going to place pressure on security practitioners to join and move towards a Continuous Security concept. In the last few months, I've come to learn this... Continue reading
Posted Oct 30, 2013 at Advanced Security Defenses
Anton Chuvakin shared this post on the need to monitor workloads as they migrate to the Public Cloud: Gartner: Start security monitoring in the public cloud. As stated in this article, it is not common practice for security monitoring of Public Cloud assets because of the shared responsibility model that... Continue reading
Posted Oct 30, 2013 at Advanced Security Defenses
Image
Note: This post was written for Splunk 4.2 on Linux. Some concepts may be similar for other versions but you should consult the Splunk docs. I've been hands-on working with a Splunk implementation again and found myself looking for good documentation on their Deployment Server functionality to help train others.... Continue reading
Posted Jan 21, 2012 at Advanced Security Defenses
You can't really blame folks for installing solutions in default mode OR can you? I've worked with a lot of companies and technology professionals during my career and it seems like going default is more common than you would expect. Many organizations buy solutions and don't realize that they have... Continue reading
Posted Jan 2, 2012 at Advanced Security Defenses
Image
Planning big security projects or changes? Security project management is not for the weak of heart. It takes nerves of steel for most project managers to jump in and tackle the security frontier simply because of the nuances and complexity. And likewise, there are very few technical security professionals that... Continue reading
Posted Dec 9, 2011 at Advanced Security Defenses
It's amazing to me that these days you hardly have to leave the confines of your home or office to test the effectiveness of social engineering at your organization. In bunny slippers and armed with a cup of coffee, a skilled engineer can run several different use cases in a... Continue reading
Posted Dec 3, 2011 at Advanced Security Defenses
Ever engage in Mad Libs when you were young? I remember them vividly because of many long summer car rides up the coastline. And six months ago the concept came in quite handy when developing security use cases for our SIEM implementation. A creative moment in a long and painful... Continue reading
Posted Dec 3, 2011 at Advanced Security Defenses
Image
Making security more tangible has been a long-standing and recently revitalized goal of mine. This year it even seems more relevant because it is simply not enough to have a few talented security individuals who defend the organization from attack but instead security requires whole company participation with increased awareness... Continue reading
Posted Dec 3, 2011 at Advanced Security Defenses
It is quite common for novice and hobbyist attackers to break into an environment through an unpatched system and upload modded files to effectively over-write the functionality that may already exist within your environment in order to hide their activities. On Linux, this may consist of uploading a rootkit that... Continue reading
Posted Dec 3, 2011 at Advanced Security Defenses