IBM Tivoli Security Operations Manager 4.1 – Fundamentals
In this 4-hour Web-based training course, you will use IBM Tivoli Security Operations Manager 4.1 to learn its fundamentals and operator tasks.
After completing this course, you should be able to:
- Install and configure IBM Tivoli Security Operations Manager 4.1
- Configure and collect events from sensors
- Investigate events
- Correlate events
Who will benefit from this course
This course is intended for implementers and administrators who need to correlate security events.
- Intrusion detection: Understand the basic concepts of intrusion detection
- TCP/IP: Understand IP addresses, networks, and ports
Federal prosecutors are going after a Florida college student who allegedly installed spyware on a woman’s laptop to covertly snap nude photos of her through her webcam.
Craig Matthew Feigin, 23, is charged in U.S. District Court in Gainesville with violating the federal Computer Fraud and Abuse Act. Feigin was arrested by local police last July.
The case began when the victim noticed changes in her computer’s behavior after giving it to Feigin for overnight repairs, the Gainesville Sun reported at the time. Every time she got near her laptop, the light on her webcam switched on.
A friend with IT experience examined the system, and found that someone had installed the remote access program Log Me In, and software called Web Cam Spy Hacker, which Feigin himself sold online as a tool for catching cheating spouses. Over three weeks, the software allegedly uploaded some 20,000 images of the woman to an Eastern European web server before it was detected.
Read the full article on Wired.
On October 1, 2008 the PCI SSC released version 1.2 of the PCI DSS requirements. There are a number of changes as outlined previously in the update document. The PCI SSC has established a life cycle process that will ensure the PCI DSS standard is revised and updated on a two-year cycle. What follows is a detailed outline of the differences between version 1.1 and 1.2 (some that have not been discussed previously) and the implications of those changes. (Unless otherwise noted, those items in quotations are taken directly from the PCI DSS or the update document linked above.)
Good dissection of the new reg from the PCI Blog.
The shiny new version of SP800-55, renamed “Performance Measurement Guide for Information Security”, takes a rather different tack but is still quite long (80 pages in total, half of which are appendices). I suspect the primary reason for its existence is to support FISMA (the US Federal Information Security Management Act, essentially a set of information security policies mandated in law for US Government agencies) by imposing a standardized set of metrics that can be used to benchmark agencies and force the laggards to pull their socks up. It remains a highly bureaucratic and costly response to a genuine management problem.
Another draft NIST standard, SP800-80 “Guide for Developing Performance Metrics for Information Security”, emphasises the process of developing and implementing security metrics. It includes a shorter list of STTCBM (‘candidate metrics’), but again takes a database approach with forms in the appendices characterising the metrics by ‘metric type’, ‘frequency of collection’ etc., details which, by the way, are organization and implementation-specific and really not that hard for grown-up security managers to figure out for themselves.
Read the full article on the (ISC)2 Blog.
IBM is targeting retail security with a package of software and services designed to prevent physical loss of merchandise, protect against electronic threats and comply with credit card industry regulations.
SecureStore, announced Wednesday, combines surveillance and RFID systems with software that protects online and in-store transactions, as well as software that protects databases and applications from network-based threats, IBM said. While SecureStore mainly consists of pre-released products from IBM divisions such as Internet Security Systems (ISS), Tivoli and Rational, Big Blue’s Val Rahmani says it is unique in that it brings together products from various parts of IBM to address one industry segment, and re-architects the products so they fit together and are optimized for retail.
Read the full article on Network World.