Category

Learning Events

Improve Qualys Guard Investment With Free Training

By | Learning Events | No Comments

Improve Qualys Guard Investment With Free Training

Jacadis recommends factoring training costs into your security control selection process.  Conducting assessments, we routinely find security technology implementations being run by professional staff without the necessary knowledge to effectively use them.  Training typically was not considered in these cases because of the cost.  Training, of course, can cost several thousand dollars just for a course and if travel is required it can easily double that price tag. But training is critical to getting your full investment out of your security tools and it is often the difference between the safeguard working and failing.

Qualys Guards training landing page Read More

What happened on your network last night?

By | Learning Events | No Comments

 

firemon_logo_black

If you’ve ever worked in an operational role, especially on the network team or on the security team, then you know how painful it can be to answer that question.

When I was managing an infosec team back in my retail days, there was nothing I “loved” more than that 3:00 AM phone call from the folks in the command center (one of the most underappreciated teams in IT), who needed me to assist in resolving a production-impacting incident.

Over time, I learned that there were a few things I could do reduce the number of 3:00 AM calls while increasing the amount of sleep I was able to get AND improving the availability of our network.

  • Fully document your environment. How many systems are connected to your network? What apps run on those systems? Who are the business owners? Developing a complete understanding of your environment is critical if you intend to stabilize those systems (i.e., ensure their availability) through patch management and secure configuration management processes.
  • Reduce the complexity of your environment. As organizations grow, their IT infrastructure grows along with them. Over time, your firewall(s) might become littered with rules that no longer needed, creating inadvertent paths from one system to another. As a professional penetration tester, I can assure you that these paths are one of the ways that attackers gain unauthorized access to internal systems.
  • Implement an effective change control process. You’d be surprised at how often systems break because someone made an unauthorized change. (Then again, if you’ve been working in IT for a few years, chances are you wouldn’t be surprised at all.) Maybe a change was made by a system admin who thought they could fix a minor issue without bothering anyone. Or maybe the change went through a basic change control process, but testing didn’t account for the condition that triggered the production-impacting incident. A well-planned, well-documented change control process is one of the most effective preventative controls you can implement to keep you network up and running.

Jacadis continues to seek out technology partners who can help our customers better manage risks to the confidentiality, integrity, and availability of organizational systems and data. QualysGuard does an incredible job of helping organizations understand and document their networks, and FireMon’s product suite is a solid solution for supporting change control processes and reducing firewall complexity. By using both tools in conjunction with one another, you can simplify those processes even further.

As always, if you have any questions about how to improve your organization’s security controls, then please contact Jacadis. We’d love to help.

Get details on both products during the Jacadis/FireMon Lunch and Learn, October 24, 2013.

Jacadis and FireMon Lunch and Learn Event

By | Learning Events | No Comments

How to Find – and Fix First – Network Vulnerabilities Most Likely to Get Attacked

If you run a large network, figuring out what to fix first when vulnerabilities arise is crucial to minimizing your security and compliance risks. This never-ending, high-pressure task determines whether your IT resources are closing the right holes, or getting side-tracked by threats that could be handled later or mitigated in other ways.

Join Jacadis and FireMon to learn how vulnerability scans and network security configuration information can be combined automatically to identify which problems you should tackle first. This risk-centric approach to finding and fixing vulnerabilities delivers greater security and compliance with less effort and expense.

Jacadis and FireMon experts will be on hand to answer questions and discuss your specific security environment.

Click here to RSVP.

Register Now

Tuesday, October 24, 2013 11:30 AM – 1:00 PM

Smith and Wollensky
4145 The Strand West
Easton Town Center
Columbus, OH 43219

FireMon and Qualys Integration Brief
Click here to learn about real-time, risk-centric vulnerability discovery and remediation with Qualys and FireMon.

FireMon recognized as
“Rising 10 of 2013″ for
Continuous Monitoring.
Learn more

FOLLOW FIREMON ON FACEBOOK

FOLLOW FIREMON ON TWITTER

FOLLOW FIREMON ON LINKEDIN

FOLLOW FIREMON’S BLOG

FireMon – 8400 W. 110th Street, Suite 400 – Overland Park, KS 66210

firemon_logo_black