Tuesday, October 1, 2013

Integris Security Tools - Test Yourself Before Your Attackers Do

Integris Security has recently launched their FREE online enabled security tools in conjunction with National Cyber Security Awareness Month.  These tools were typically only available from within a command line interface (CLI) and require low level knowledge of the tools themselves. The Integris Security Tools removes this requirement and extends these tools to within a web browser and even your smart phone. You simply sign up for an account, validate some information and your ready to begin using these tools.  Simply enter a URL/Fully Qualified Domain Name, IP Address and, in some circumstances, a port number.

Depending on the particular scan and the latency between our servers and the target server, scans can take several minutes. Because of this, we've included the capability to have scan results emailed to your registered address. Otherwise, you will receive scan results within your current browsers session.

Available tools currently include the following types of technologies.

  • SSL/TLS Server Strength
  • Port Scanner
  • HTTP Security Scanners
  • Domain Name Checkers
  • Web Framework Scanners
  • DNS Amplification Tester
  • and more...
We're continually investigate adding additional tools to increase the value of our free offering.

We highly encourage you to sign up and begin using these tools to help you increase your security posture.

Our service offerings include capabilities above and beyond these tools. If you require a more thorough, more in depth analysis then do not hesitate to email us at sales (at) integrissecurity (dot) com, call us at +1(516)750-0478 or visit our website at https://www.integrissecurity.com/.

For more information on National Cyber Security Awareness
Month, please visit http://www.staysafeonline.org/ncsam/.

Friday, September 20, 2013

Washington Navy Yard Shootings

Statement from Joe Concannon on Washington Navy Yard Shootings

Former NYPD Captain and New York City Council candidate Joseph Concannon issued a statement today that the horrific murders by a Queens man in Washington DC is an urgent reminder of our need to be prepared as public servants, as private citizens, and as businesses.
Joe Concannon with PBA President Pat Lynch
Joe Concannon with PBA President Pat Lynch at Manhattan Reception
September is National Preparedness Month. We should all be reviewing our personal plans to be prepared for such incidents. Terrorism, foreign or domestic, is alive and well and New York City cannot afford to let its guard down. Whether in our homes, places of business, public spaces, such as malls, parks, or public concerts we need to be vigilant. City agencies and businesses need to review their preparedness plans for Active Shooter Incidents (ASI) and other emergency crises.
This is a tragic reminder that we need to keep our law enforcement organizations strong and give them the tools and the means to protect us. Remember that NYPD will be the very first responders on the scene of any such incidents. We, as residents of the number one target city in the world, need to make sure to empower the NYPD to do their jobs with the urgency and efficiency that our situation in New York City calls for.
The victims of the Washington Navy Yard massacre included civilians, service members and police officers. Our hearts go out in prayer to the families of the loved ones who perished in one of the most deadly attacks on a military installation.
Joseph Concannon, a distinguished public servant for over 30 years in the NYPD and former Deputy Director for Public Safety in the Giuliani administration, is now running for City Council in Eastern Queens, District #23 on the Reform Party line. He has public/private background as CEO of the FBI InfraGard Program here in NYC and presently is president of his own business, Integris Security LLC. His lifelong career in law enforcement and the private security sector makes him the city’s top authority on public safety and security for New York City.

Tuesday, July 23, 2013

Open for Business - Integris Security LLC

www.integrissecurity.com is now live
July 23, 2013             

Good evening everyone,

We broke ground about 40 days ago and here's our story:

Integris Security LLC has grown out of years passion for protecting our city, state and nation, its critical infrastructures and providing industry professionals with the best of breed solutions, practices and top notch security awareness. As things change for us from InfraGard to Integris Security LLC one thing will never change - the importance of nurturing your TRUST.
InfraGard a national public/private program of the FBI is the crossroad that brought us together as individual security professionals and that frames the very basis of our focus as a private security
company. Our security journey at InfraGard is well documented at NYM Infragard. We understand all too well the meaning behind Confidentiality, Availability and Integrity; in part its where we derived our name from. Each member of our staff at Integris is a vetted security professional.
For twelve years we've been taking the calls, learning what keeps you up at night and the utter frustration some of you are going through. The gentle balance of security and functionality continues and is a struggle that many professionals in industry have to deal with as a part of their daily routine. We have been busy identifying products, solutions, building bridges between the public and private sectors by seeding discussions, helping others to manage their expectations by providing our analysis, perspectives and at times putting out some fires. We've taken a bumpy ride with you on Wireless, BYOD, Network Security, DLP, The Cloud, Intelligence and much more. We've asked and will continue to ask the questions over and again what are we protecting, why are we protecting it and who owns the data?
At Integris Security we can help you emphasize and prioritize the importance of what's critical to running the business, in identifying the data to be protected, in testing to identify your vulnerabilities, identification of what and who is on your network, in helping you resolve audit recommendations and provide you with a roadmap for future success.
It all starts with building the trust.
We are very excited to continue the security journey with you and invite you to contact us with your security, risk management needs or if all you need is someone to listen as you walk us through your security/risk management concerns.
  1. www.integrissecurity.com is live

Thursday, July 18, 2013

InfraGard Conference Call 7/17/13

Good afternoon all,

Earlier today I had the good fortune to be on the InfraGard NYC weekly conference call.  We were discussing an issue I raised in our Linked-In Group, Integris Security Insights.  If you'd like to be invited to the group just let us know.  The group is a terrific group of security professionals.

On the linked-in group I try to be mildly provocative and sometimes even a little sarcastic given the incident or situation of the day.  In this weeks post I asked the question do you know who's on your network or what's on your network?

The point is this: too many companies have no idea how to even begin to wrap their hands around these questions.  For larger companies this can get complex.  For smaller to mid sized companies we have something which could answer some of your troubles.  

Take a look at Lan Sweeper as a tool which can help you map your network, count your machines, switches, routers, software licenses and more.  Their may also be some "open source" resources and when and if we find them I'll post it here.

Have a great day!

Joe Concannon

Wednesday, July 17, 2013

Integris Security is coming on line and our security services offering is now in development.  Stay tuned as we ramp things up and take our work from construction to ready for prime time.  Hang with us and be patience.

Friday, March 22, 2013

All Grown Up: GRC Is The New Frontier

Guidance Software is located in Pasadena, California and is recognized as the worldwide industry leader in digital investigative solutions.  The EnCase platform is very well known to industry professionals and to some extent that is both a blessing and a curse.  Guidance Software has grown up and now provides a diversified set of products capturing digital evidence and breaking deeper into enterprise operations.   Some may be surprised as this once thought of detective’s tool is now ready for the board room.

Guidance Software holds its annual CEIC Conference and this year General Michael Hayden will keynote regarding emerging global cyber attack hotspots.  Hayden is a catch and this is not to be missed.  This is the annual May event that Guidance showcases each year and generally is very well received.

The last time I spoke to anyone from Guidance Jim Doyle was running their NYC Sales and consulting operations.  So last night I caught up with one of Guidance’s Sales Executives for the NYC region and we talked.  In this post I’ll  highlight just some of the conversation and how that simple, one off digital forensic product has expanded deep into the enterprise.  

GRC Ready....Are You?
The first place to start here is “EnCase” now featuring version 7.06 in Digital Forensics and available in four flavors Enterprise, Forensic, Portable and Tableau Forensic. Guidance provides powerful and comprehensive instruction and training for those breaking into the product line for the first time and great refresher for those looking back and wondering if they hit all the points.  On line, on-demand training via Adobe Connect is driving even greater saturation into the market place and providing easy and up to date product and web facing familiarity.  Getting to know V7 is a mouse click away for our forensic investigators and enterprise personnel.  Well done Guidance Software.

Wordle Capture
From my point of view I was looking for more information in how Guidance Software is breaking further into the enterprise.  I learned for instance investigators can reach out over the web and remotely capture information needed.  Acquiring data from disk or RAM, documents, images, e-mail, webmail, Internet artifacts, Web history and cache, HTML page reconstruction, RAIDS, workstations, servers and with V7: smartphones and tablets.  Our favorite forensic tool has indeed grown up to be a powerful forensic toolkit standing at the ready.  Something Guidance would label as complete Endpoint Visibility.  Well, not too many years ago that meant visiting every location and seizing computers and/or servers.  The remote capability is a real draw to the product line.

Perhaps one of the more unexpected areas Guidance Software has moved into is the Governance Risk and Compliance areas (GRC).  Frankly I just hadn’t put Guidance Software’s EnCase on my radar for GRC.  But with EnCase Enterprise edition your getting a very powerful software application with powerful automation tools.  The gold standard comes with a price that promises to make some a little queasy.  But the Enterprise Edition is going to let you see over the entire network and report on a wide variety of governance, risk and compliance issues.  For me this brought our dinner conversation last night full circle.  As we then dug into GRC and applications and tools provided by EnCase Enterprise combined with Adobe Connect lessons available right on the web this purchase could be viewed as answering some distressing questions left on the table after your last audit.  Check out Guidance Software and let me know if you find another similar product in the market place that comes close.

Thursday, March 21, 2013

Reality Meets Business Continuity

Reality Meets Business Continuity
(Planning for the unexpected)

In prepping for today’s InfraGard weekly conference call I was handed a couple of links directing me into the discussion of Cyber Warfare.  The first article dated Thursday 21 March 2013 by Hayley Dixon of the UK “The Telegraph” sent me thinking about the Prime Minster of Britain during the 1930’s, an era of “appeasement” and the old saying don’t bury your head in the sand.  Well, as history has noted Chamberlain’s Munich Agreement didn’t last long enough for the ink to dry - as war broke out on September 1, 1939.  So I read with some laughter,Rules of cyberwar set out for the first time in NATO manual”.  A regular how to or more exactly “what not to do” if your nation state is considering going to war.

Then I thought would Hitler abide by those rules?  Hmm.....I’m thinking probably not.  However, he might at first glance say let me get back to you on that.  Now ironically right under the title heading and giving way to more of my own dry humor is a photo of “An  Iranian technician ......Uranium Conversion Facility.....”.  The Iranians (posture) are just preparing for cleaner electric, improved power generation, right?  Just thinking dictators, despots, and the like and compliance with international standards such as they are.  What’s the rational thinking for compliance and who will enforce those standards?  The United Nations?  Read the article here: CLICK HERE

Right after that I navigated over to the FOX BUSINESS REPORT.  The Fox people reported servers at TV stations as well as a number of banks have either been shut down or severely disrupted.  The report was inconclusive on the origin and the hunt is going on to find the culprits of this intrusion.  Read here: CLICK HERE 

I gained additional insight when I read the CSO security and risk blogs on a DDOS attack on South Korea and then Jeremy Kirk has a good post on Linux Wiper malware used in S. Korea attacks (The attacks also targeted Windows computers’ master boot records).  Read here: CLICK HERE and CLICK HERE 

Whether the attacks originated from the web site of the Korean Software Property Right Council or somewhere else the point should not be lost are you prepared?  What is going to happen when the lights go out?  Whether its a hurricane, an act of war or some other incident is your business up to handling a disaster.  

The word “resiliency”  comes to mind and while fishing around on CSO I found Derek Slater posted a couple of good links on the topic of risk management.  Read here: CLICK HERE 

 Resiliency has to be brought into the board room for a frank go around and pondering what if we can’t anymore?  Which leads me into that non starter for budget tightening bureaucrats that rate Business Continuity Planning (BCP) as the last thing on their radar.  While BCP may not be the sexy star of corporate board rooms it may in fact save their bacon at the end of the day, no pun intended.  A strong BCP program soundly developed and managed can help mitigate some of the impact from even the most unforeseen disasters.  While it is noted that these programs cost money now, in the long term a more strategic view by executives from all stripes will be saying yes we can should another major incident hit our shores here at home.

3/21/2013 2115 hrs.

FDNY Watchline Report

South Korea Hit with Major Cyber Attack – Thousands of computers at three major banks and three broadcast companies in South Korea went down Wednesday in coordinated attacks traced to an IP address in China.  Despite this lead, however, North Korea is the suspected perpetrator in this most recent attack, as well as five others in the last three years. North Korea threatened to retaliate for joint (annual) military exercises between South Korea and the U.S., as well as Seoul’s support for U.N. sanctions against the North. By Thursday, one bank was up and running, but it may take the other five companies until next week to resume operations. Additionally, the U.S.-based Committee for Human Rights in North Korea was hacked.

Assessment: Analysts said the attacks are typical of North Korea—designed to frighten or show off—rather than those from China that seek to steal sensitive information. The state-sponsored attacks, which suggest the goals of terrorists, may explain bank and broadcasting targets. By some accounts, the victims in this case were in fact  demoralized as larger questions regarding cyber warfare continue. In Congressional  testimony this week, a  Rand expert offered that the figurative cyber “September 12” response was as important as preventing a “cyber 9/11.”  Experts, while answering key questions on U.S. vulnerability, continue to assess China and Russia as “the two state actors capable of perpetrating cybergeddon.”

Rand Report:

Google Research by FDNY:

3/22/2013 11:57 hrs
North Korea Suspected in Cyber Attack Despite China Link:

The Associated Press

Initial investigation links Chinese address to SKorea cyberattack; experts
suspect North Korea

Investigators have traced a coordinated cyber attack that paralyzed tens of
thousands of computers at six South Korean banks and media companies to a
Chinese Internet Protocol address, but it was still unclear who orchestrated the
attack, authorities in Seoul said Thursday.

Read More: CLICK HERE 

Theories Abound on Wiper Malware Attack Against South Korea:

The Threat Post

Disruptions to businesses in South Korea continue today after hackers used wiper
malware to take a number of banks and television networks offline yesterday. A
number of financial systems at a half-dozen banks and production systems inside
South Korea’s major television networks remain down, kicking off speculation as
to who is behind the attacks and how they got in.  Read More: CLICK HERE 

Wednesday, March 20, 2013

Welcome to Security Insights: March 2013

Welcome everyone and thanks to all in the security industry for all you do each day to keep our industries, work force and systems safe and secure.  Its a full time job with limited resources and endless capacity for failures.

In Security Insights I'm hoping to bring to everyone's attention articles and thoughts about what's going on in the industry today.  

Thanks again and we're off and running.

Joe Concannon