pros-cons

The Difference between SIEM and UBA

The latest 2015 Verizon Data Breach Investigations Report indicates that insider threats continue to be a top security concern. As employees go rogue, one effective insider threat prevention technology that has been instrumental for IT security is User Behavior Analytics (UBA). If you currently use a security identity event management (SIEM) tool to monitor user…

Gartner Recognizes Varonis in 2015 Market Guide for File Analysis Software

Having spent the past decade pioneering and building out a range of solutions for managing and protecting critical data, we are pleased to report today that Gartner has recognized Varonis in its 2015 Market Guide for File Analysis Software. File analysis, according to Gartner, is used for three primary reasons: to increase operational efficiency, lower…

500px-Arrows-folder

Another Look at Folder Permissions: Beyond AGLP

AGLP is Microsoft’s four-letter abbreviation for guiding admins in setting permissions in an Active Directory environment. Account, Global, Local, Permission just means the following: you put user accounts (A) into global groups (G), put the global groups into domain local groups (L), and then grant permissions (P) to the domain local group. Makes sense, right?…

cloud_img

Data in the Cloud – What You Need to Know

Everyone’s talking about the cloud – but what exactly is it?  Should you move your data to the cloud? How do you take advantage of the agility that the cloud offers, without putting your data at risk? Make sure you understand the basics of migrating and storing your data in the cloud:  the risks, rewards,…

Inside the World of Insider Threats, Part II: More on Motivation

One area the CMU CERT researchers looked into was the chain of events that cause a law-abiding employee to become an insider menace. For those who want to learn about the models the CMU team came up with, they’re welcome to read this fascinating paper on the topic. But I think I can summarize the…

We’ve Been Recognized by Gartner

We have good news to share. Gartner, a leading independent provider of IT advisory and market intelligence, has mentioned us in their first ever “Gartner, Market Guide for Data-Centric Audit and Protection (Lowans and Perkins, Nov. 2014)”. Gartner has given us a check mark in all five Data-Centric Audit and Protection (DCAP) categories: Data Discovery,…

The Journey to File Permission Perfection  

More devices than ever. More platforms to choose from. An expanding universe of data choices that can be both exciting and confusing at the same time. Tablets, phablets, laptops, iOS, Android, Windows, UNIX/Linux file servers, and NAS devices. Add SharePoint, Dropbox, Google Drive, and LinkedIn to the mix. These are all awesome platforms for allowing…

Interview With NYU-Poly’s Professor Justin Cappos: Security Lessons From Retail Breaches

I had the chance to talk with cyber security expert Justin Cappos last month about the recent breaches in the retail sector. Cappos is an Assistant Professor of Computer Science at NYU Polytechnic School of Engineering. He’s well known for his work on Stork, a software installation utility for cloud environments. In our discussion, Professor…

NTLM warning

A Closer Look at Pass the Hash, Part III: How NTLM will get you hacked (and what you should do about it)

I was about ready to wrap up this series of posts (part 1, part 2 ) on PtH and make my larger point, which is that you should assume hackers will break into your system. And then I learned new information about credential stealing that amplifies this warning by a factor of 10. The most…