Vendor-Neutral Security Videos and Whitepapers


Paper: Network Access Control (NAC) (April 23, 2022)

Video Version

Gaining access to a network should be more than forcing user and device authentication via credentials like user IDs, passwords, biometrics, and certificates. Network access control (NAC) extends access management to processes designed to assess the state of devices attempting access to a network. This assessment ensures that each device complies with a set of defined policies. NAC helps ensure that only devices hardened based on associated risk achieve resource access.


Paper: Use the Cyber Kill Chain for End-user Device Security (April 20, 2022)

Video Version

End-user devices are the greatest threat to network security, with a generally standard attack path depicted in the Lockheed Martin Cyber Kill Chain, as shown in Figure 1. Use of the kill chain helps identify risks against user devices, both mobile and static, by providing the threat actor's perspective. Breaking links in the chain hinders or prevents a threat actor from compromising a user device and using it as an attack pivot point.


Media Sanitization Guide (White paper, 2019)

Protecting sensitive information requires attending to where the information is located and used throughout its lifetime. This document provides guidance on managing sensitive information when the media on which it resides is no longer used for that purpose. These management processes are collectively known as media sanitization.

Media comes in several forms: magnetic, paper, solid-state, and optical. I address sanitization across all of these media types, including how to meet associated data erasure challenges. Further, this guide provides steps and considerations needed to implement and manage media sanitization policies and procedures.

Download paper


DNS Basics (Video)

This video explains and demonstrates how DNS works. This is helpful to prepare for my papers on DNS security.

Watch video at YouTube


DNS Cache Poisoning

There are several facets to DNS security. In this paper we focus on one of the most dangerous types of attack – DNS cache poisoning. To provide a complete picture of this threat, we’ll explore how DNS works, two ways crackers facilitate cache poisoning, what impact this type of attack can have on your organization, and steps you can take to protect your information assets.

Download paper


DNS Tunneling Identification and Defense (White Paper, 2019)

Domain Name Service (DNS) traffic freely travels across network perimeters and internal network segments. Organizations cannot arbitrarily block this UDP port 53 traffic because doing so would break most, if not all, network communication. Malicious actors (MA) know this and have found ways to exploit DNS for their purposes.

One example of how MA exploit DNS is tunneling. DNS tunneling enables command and control (C2) and data exfiltration traffic that most organizations either do not look for or are unable to detect adequately.

This paper helps organizations understand the threat and available defense solutions.

Download paper


Strengthen Security with an Effective Security Awareness Program

You’ve developed a world-class security program. Your technology-based defenses are cutting edge. Your security team is well trained and ready to handle anything that comes its way. So you’re done, right? Not quite. One of the most important pieces of an effective information asset defense is missing – employee awareness.

In this paper, I define security awareness, list the objectives of an effective awareness program, and step through a process to build, implement, and manage ongoing support of the program.

Download paper


Fundamentals of Storage Media Sanitization

One of the most fundamental principles of information security is that it’s all about the data. Data in transit or at rest is the primary focus of administrative, physical, and technical safeguards. Security professionals are doing better every day when it comes to protecting information in static production environments. But what happens when magnetic, optical, or semiconductor media is repurposed or retired?

In this paper, I define media sanitization and how it fits into an overall security program. Next, I examine how attackers can extract information from electronic media, even after it’s been overwritten. Finally, I explore ways you can protect your organization from attacks, both casual and highly motivated.

Download paper


Keystroke Dynamics: Low Impact Biometric Verification

Biometrics has long been one of the solutions touted by security vendors to meet multifactor authentication objectives. However, user acceptance and cost issues often prevent organizations from adopting biometrics as a solution. This isn’t to say that other multifactor solutions are any less cost prohibitive. The capital expenditure and on-going maintenance costs of token-based systems are often higher than those for biometrics. Solutions based on keystroke dynamics might help meet these business challenges.

In this paper, I look at biometrics in general. This includes success factors for implementation and user acceptance. I also look at how the effectiveness of biometric solutions is measured. This is followed by an examination of keystroke dynamics technology, including its history, how it works, and why it may be the answer for organizations with people or cost issues.

Download paper