in case you have 1.5 spare hrs...
i haven't gotten all the way through it yet, but i will...
Wednesday, August 29, 2007
Tuesday, August 28, 2007
nifty AD tool
soooo, i just heard about this new app made by the folks over at varonis...
basically, it crawls through your AD users and share perms, and can produce audit reports (for sox and the like) that say "this user has read access to these file/dirs, and full control on these files/dirs". it'll help you find open shares and all of that.
i can think of one company off the top of my head that could really use this app ;)
anywho, the nifty bit about it is that once you have it running (and you presumably have cleaned up your perms and all of that), then it begins to watch the patterns of file usage, and can generate reports on files which people have perms to but never access. and better than that, it can recognize changes in file access patterns. so in theory this will let you see a disgruntled employee attempted to do malicious things to data they have access to, or will let you see an employee copying data in preparation of leaving the company, etc....
unfortunately, they are a newer company and they might be a little too proud of their stuff... donno the details on pricing, but the rumor i heard was if you have a few hundred users, you might be pushing six figures.... ick...
basically, it crawls through your AD users and share perms, and can produce audit reports (for sox and the like) that say "this user has read access to these file/dirs, and full control on these files/dirs". it'll help you find open shares and all of that.
i can think of one company off the top of my head that could really use this app ;)
anywho, the nifty bit about it is that once you have it running (and you presumably have cleaned up your perms and all of that), then it begins to watch the patterns of file usage, and can generate reports on files which people have perms to but never access. and better than that, it can recognize changes in file access patterns. so in theory this will let you see a disgruntled employee attempted to do malicious things to data they have access to, or will let you see an employee copying data in preparation of leaving the company, etc....
unfortunately, they are a newer company and they might be a little too proud of their stuff... donno the details on pricing, but the rumor i heard was if you have a few hundred users, you might be pushing six figures.... ick...
Monday, August 27, 2007
looks like i've got a lot of reading to do
jdm is a busy sec blogger...
here's some light reading from my new boss... he says these techniques have application in infosec / forensic investigations...
and for RW reading, i'm in the middle of gray hat hacking... just skip the first section, which is a bunch of ethical foo, which most everyone either already subscribes to, or won't... from there it's been really good. i'm still early on, in an assessment area, but it looks like it gets to be really tech heavy into some good stuff later on...
here's some light reading from my new boss... he says these techniques have application in infosec / forensic investigations...
and for RW reading, i'm in the middle of gray hat hacking... just skip the first section, which is a bunch of ethical foo, which most everyone either already subscribes to, or won't... from there it's been really good. i'm still early on, in an assessment area, but it looks like it gets to be really tech heavy into some good stuff later on...
Subscribe to:
Posts (Atom)