Did You Know Big Data can Help you Hunt Hackers?

Everyone knows that big data is being used by businesses for many things, mainly along the lines of business intelligence and marketing. However, few people know how much big data is coming into play when it comes to cyber security. There are a variety of applications for big data and cyber security, the collection of intel, social media trends and more.

There is a free webinar coming up about the use of big data for hunting hackers. You can join the webinar here:

https://www4.gotomeeting.com/register/268910071

The webinar is going to be held on February 26th, from 1-2pm.

 

Department of Defense Replaces DIACAP with DIARMF

In 2006, the Department of Defense (DoD) initiated a certification and accreditation (C&A) process for its information technology programs known as the DoD Information Assurance C&A Process (DIACAP). Only one year after implementation, DIACAP was criticized for being slow and inefficient, which could delay important projects for up to full year with no significant improvement in security.

Now, after the collaborative efforts of the DoD and National Institute of Standards and Technology (NIST), a new assessment and authorization (A&A) process has been developed with efficiency and effectiveness in mind using what is known as the risk management framework (RMF). This new process has been dubbed the DoD Information Assurance Risk Management Framework (DIARMF), and several major elements differentiate it from its predecessor.

DIARMF Nomenclature and Processes
Through DIARMF, the RMF process of NIST has been merged with current security controls already in place in federal civilian agencies. This warrants an entirely new set of processes and a new set of nomenclature to reflect the steps.

The first step in DIACAP, initiate and plan C&A, has been split into two separate parts in DIARMF. The first step is to categorize the system while the second step is to select controls. The next process remains the same in both systems: implement the controls.

The third step in DIACAP has again split into two parts for DIARMF. Making the certification determination and accreditation decision is now the two-part process of assessing controls and authorizing the system. The fourth step in DIACAP is in line with the fifth step in DIARMF, but the nomenclature has changed from maintaining authorization to monitoring controls.

DIARMF Assessment and Roles
Aside from the change in names, the actual process of DIARMF A&A is very similar to DIACAP C&A, especially at high levels. Assessment produces a checklist of results that are in compliance with the security controls, and the authorization step is an acceptance or rejection of the risk detailed in the assessment.

In addition, most of the roles in DIARMF are similar to those in DIACAP, and most changes have been made only to reflect the new RMF terminology. However, DIARMF adds one important role that is not present in DIACAP: the common control provider (CCP). The CCP is a manager who deals with inherited controls for systems such as virtualized environments, enclave networks and server clusters. For example, a small system residing in a data center operated by the DoD includes several factors that have already been authorized through the data center. These factors are labeled as inherited and do not need to be reauthorized for the particular system. However, the process of inheritance can be quite complicated, thus the need for the CCP.

Security Controls and Continuous Monitoring
Security controls in DIARMF are more specific than the controls available in DIACAP. One example of this would be passwords. In DIACAP, password policy would normally be a single control, but in DIARMF, a separate control exists for password-policy enforcement with individual controls for each element of the password, such length, characters and complexity.

In addition, requirements for continuous monitoring are stricter in DIARMF than they are in DIACAP. Each control is assigned a refresh rate, and the status at each refresh is uploaded to a federal system called CyberScope for risk analysis and management.

Anyone who is currently still using the DIACAP process should consider preparing for the switch as soon as possible because some of the changes are profound, and it can take considerable time before they become familiar.

DIACAP and DIARMF TrainingDepending on which branch of the Military or Government agency you are with, DIACAP training, now DIARMF training must be tailored to the specific function of that organization. Ce

Cyber Security Education is Making Progress – Has a Conference!!

People in the cyber security arena have been going to training for decades now. Obviously, the shape of cyber changes so frequently with new attacks and new exploits being developed daily. With these rapid changes, cyber security professionals must sharpen their skills consistently to stay up to be able to attack and defend well.

Now, that being said, the current sequester has put a great damper on cyber training in the United States, but don’t worry Congress, while you guys hash out these little details, other countries are getting further and further ahead in their cyber war capabilities, so no biggie, carry on with the bickering until you work out little differences here…

OK, sarcastic rant complete.

The cyber security education field has made strides to the point where there is a conference dedicated to it specifically. NCSI has launched their first annual Cyber Education Symposium. The event will be held in Arlington, Virginia on November 19th and 20th. The event features a lineup of cyber professionals who will be sharing cyber education plans and best practices.

The agenda can be viewed here: Agenda
The speakers lineup can be viewed here: Speakers

So those of you who read this blog for its general IT training information sharing should appreciate an event like this, because its full of whats to come in the cyber education space!

TrainACE and n2grate Collaborate for a Free Hacking Seminar

Remember that time you got a free breakfast and a morning full of free lessons on the latest in hacking? That’s the whole idea behind TrainACE’s free hacking seminar series, aptly named Hacker’s Breakfast. Having organized the events for a couple years now, TrainACE evidently likes to keep a state of variety around the seminar’s themes. For their latest installation, TrainACE has teamed up with n2grate Government Technology Solutions to focus on new mission assurance technologies and web-based security.

It looks like this event is going to feature a number of top professionals in the security industry, with experts from Blue Coat and Solera Networks ready to present on topics like web-based security and application-based security. The keynote speaker will in fact be Brian Contos, VP and CISO for the Advanced Threat Protection Group at Blue Coat Systems. We all know social networking is becoming an increasingly huge presence for companies just as much as individuals, and the Subject Matter Experts set to teach at this seminar will cover the importance of web-based security in the wake of social networking and the use of mobile devices.

Between presentations there will be time for kiosk demonstrations from industry leaders like Solera Networks, Blue Coat, Netronome, and Packet Shaper.  Training seminars, product demos, networking opportunities, AND free breakfast, you say? That’s exactly right! Hacker’s Breakfast is an awesome combination event for employees in the field.

This Hacker’s Breakfast seminar is taking place July 24th at TrainACE’s Ashburn, VA location. This particular seminar is geared at but certainly not limited to government, DoD, and military employees. But you better hurry! Registration is capped at 70 participants!

Find out more and request information to register here: Hacker’s Breakfast by TrainACE.

Yes, You Can Achieve Your PMP Certification Through Online Training

As readers of this blog already know, formal certifications have become increasingly important to organizations in the public and private sectors. That trend has been clearly evident in the field of project management as that profession has evolved, rapidly, with employers insisting that project managers equip themselves with appropriate professional credentials. In that context, the Project Management Professional (PMP) certification, administered by the Project Management Institute (PMI), is the best known and most widely accepted credential in the PM field. PMP certification, according to PMI research published in the most recent edition of the PMI Project Management Salary Survey, is “globally recognized and demanded”.

PMP Pre-Requisites
Candidates for the PMP certification must meet several requirements. Those with bachelor’s or equivalent degrees must have three years of experience, with 4,500 hours devoted to “leading and directing” a project. Those with high school or equivalent diplomas must have five years of experience that includes 7,500 hours of project leadership. In both cases, candidates must have 35 hours of formal education.

Once those requirements are satisfied, candidates are allowed to sit for a four-hour computer-based test consisting of 200 questions. Content for the examination is drawn from the Project Management Body of Knowledge (PMBOK) Guide published by PMI, covering five discrete areas: project initiation, project planning, project execution, project monitoring and control, and project closing.

The test gives each subject a different weight, with some 79 percent of the 200 questions covering the areas of planning, execution, and monitoring and control. Project initiation and closing account for only 21 percent of the test questions.

The educational component of the PMP qualification process can only be satisfied by coursework offered by approved providers. Designated coursework offered by PMI chapters is approved. Other coursework, offered by employers, training schools, colleges and distance-learning providers (like us) also serve to satisfy the educational requirement.

Online Training for the PMP Certification is Increasingly Convenient
For those considering their educational options, the availability of online education can make the process significantly more manageable. Online training is recognized to the same extent as education offered in a physical classroom, and it offers a number of important benefits.

The vast majority of people considering the PMP certification are working professionals and active project managers. The PMP certification is a major exam that requires a great deal of preparation and most of these candidates have a very maxed out work life in addition to perhaps family at home. The online training option makes preparing for the PMP, that much more accomodating.

Candidates can satisfy the educational requirement without having to travel to distant locations. The online option can provide significant savings of time and money, and it makes it easy for candidates to access the mandatory coursework. Internet-based coursework can also make it easy for students to review complicated material, to brush up on topic areas and to refresh subject matter in anticipation of the PMP examination, all at their own convenience and their own speed.

Even if a local venue is available, some candidates may have scheduling issues that interfere with attendance. For others, the practical benefits of the online option may not be terribly important. Those candidates may select the online PMP training experience as a simple matter of personal preference. Regardless of the reason, the availability of accredited online options is a real benefit to PMP candidates.

Hacker’s Breakfast in Greenbelt, MD with FireEye and TrainACE

Malware prevention giant FireEye is teaming up with TrainACE to offer a Hacker’s Breakfast training event in Greenbelt, MD. Whats more, the event is FREE.

TrainACE has been doing this Hacker’s Breakfast series for a couple of years now. The events usually have different themes and this one is focused on Advanced Persistent Threat, Attack and Defend. Thats the reason they brought in Malware giant, FireEye.  In fact, FireEye has been all over hacker news lately with their discovery of the Operation Beebus attacks from China on the US DoD and DoD contractors.

The event is being held at the Hilton Garden Inn in Greenbelt, MD on April 3rd. Again, the event is free and there will be breakfast served and then hacking demos / malware discussion all morning. it wraps up at about 12:30pm.

Details and registration for this free hacking / malware event with FireEye and TrainACE can be found here:

http://www.hackersbreakfast.com/

The Emergence of Python as a “Must Know” Language for Cyber Security Pro’s

Programming has become essential to cyber security. IT security professional must efficiently write applications and scripts; often on short notice. The Python language provides unmatched ease, flexibility, and functionality for both new and experienced coders. It has emerged as a top choice for cyber security professionals because it lessens development effort and the coder’s learning curve. 

Python Is Designed For Users
Python is a high-level, interpreted language based on C and C++ and influenced by several other languages. First released in 1991 by principal developer Guido van Rossum, Python excels at readability and ease of use. It allows even novice programmers to be productive in a short amount of time. Python is designed for rapid application development, a methodology that suits the fast-paced and shifting security environment. Cyber professionals can quickly prototype, test and deploy an application.

Python offers the versatility of running as a script or executable and is cross-platform. It is ideal for mixed code environments as it integrates easily with other languages. Programmers can wrap existing C or C++ code to behave like native Python, and they can create or extend modules in C, C++, Java or .NET. Python’s scripting capability can also be embedded in other applications.

Python Beats Competition at Rapid Application Development
Cyber security experts code for several scenarios and need speed, reusability and functionality. Python’s support of the rapid application development methodology enables testers, hackers, and systems administrators to create and customize tools. Coders can quickly prototype new Web applications and clients. Python’s simplicity and vast libraries let hackers deploy code to capture packets, decrypt passwords, and engineer other attacks. Common tasks such as scanning ports can be easily automated. Python’s modular design and clean syntax make code easier to extend and maintain. In a changeable security environment, this timesaving efficiency is critical.

In spite of its powerful capabilities, Python is easy to learn and is often referred to as a beginner’s language. Its terse code and strict syntax make it highly readable. Security experts from other language backgrounds or with minimal programming experience can learn it more quickly than verbose languages such as Ruby and C++. Unlike tackling C++, novice coders can use Python without a detailed understanding of object orientation.

Cyber security professionals with diverse coding backgrounds need to produce the same testing and threat neutralization results. As a high-level language, Python allows users to focus on the coding goal rather than low-level procedures. It uses dynamic typing to aid rapid development. Languages that employ static typing, such as Java, require more programming effort to declare and manipulate types. Coders also save time with Python’s automatic memory management and exception handling.

Python Is Versatile
Python’s versatility is another advantage in the cyber security world. Unlike Perl, Python is designed to be a major programming language. Perl offers powerful scripting capabilities and works well as a glue language using small programs. However, Python is suited for both scripting and for creating complex, compiled applications. Its scalability makes it a solid default choice for diverse coding needs within an organization.

Security specialists often need to build on existing code, such as canned test programs, written in other languages. Python integrates with C, C++, Java, and .NET as a module or embedded script. Coders can use the ctypes module, the Python C API, or a wrapper generator such as SWIG. The ability to extend existing software saves developer time and preserves existing functionality already serving a vital security role.

Python Has Powerful Libraries
Hackers, penetration testers, and other security experts need a language library that provides the entire spectrum of features to create powerful and often novel programs. Python comes with modules to support Web activities such as parsing HTTP and XML and building clients. Django and other open-source Web frameworks are available from developers favoring the rapid application development methodology. Third-party modules offer robust features, such as optimized calculation handling, that make Python an increasingly solid language for data applications.

Python’s simple and clean structure, modular design, and extensive library make it ideal for security applications. Cyber experts rely on the capability to rapidly code programs and the feature set to implement new strategies and techniques. No other language offers as powerful a combination, and Python stands as the must-know language for the serious security professional.

For more information on Python for Security Professional’s training, visit: http://www.trainace.com/courses/python

Follow

Get every new post delivered to your Inbox.

Join 25 other followers