http://sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Situational Awarenessen-usMon, 13 Jul 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/situational-awareness-cybersecurity-architecture-5-recommendations/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn this post on situational awareness for cybersecurity, we present five recommendations for the practice of architecture in the service of cybersecurity situational awareness (SA)....Phil GroceMon, 13 Jul 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/situational-awareness-cybersecurity-architecture-5-recommendations/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/situational-awareness-for-cyber-security-architecture-tools-for-monitoring-and-response/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVisibility into the activities within assets enables network security analysts to detect network compromises. Analysts monitor these activities directly on the device....Timothy ShimeallMon, 11 May 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/situational-awareness-for-cyber-security-architecture-tools-for-monitoring-and-response/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-architecture-network-visibility/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork compromises cannot be detected without visibility into the activities within assets. Network security analysts can view these activities in one of two places....Timur SnokeMon, 23 Mar 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-architecture-network-visibility/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/engineering-for-cyber-situational-awareness-endpoint-visibility/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn this post, we aim to help network security analysts understand the components of a cybersecurity architecture, starting with how we can use endpoint information....Phil Groce, Timur SnokeMon, 10 Feb 2020 00:00:00 -0500https://www.sei.cmu.edu/blog/engineering-for-cyber-situational-awareness-endpoint-visibility/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-three-key-principles-of-effective-policies-and-controls/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity measures are most effective when it is clear how assets are supposed to be used and by whom....Angela HornemanMon, 18 Nov 2019 00:00:00 -0500https://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-three-key-principles-of-effective-policies-and-controls/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSituational AwarenessNetwork Situational Awarenesshttps://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-assets-and-risk/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesWhen key business assets are not adequately protected from cybersecurity breaches, organizations can experience dire consequences....Angela Horneman, Lauren CooperWed, 16 Oct 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-assets-and-risk/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/managing-the-risks-of-ransomware/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesRansomware poses a growing threat to both businesses and government agencies. Though no strategy can fully eliminate these risks, this post provides recommendations....David Tobar, Jason FrickeFri, 11 Oct 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/managing-the-risks-of-ransomware/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessCyber MissionsBest Practices in Network SecuritySituational Awarenesshttps://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-an-introduction/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSituational awareness (SA) helps decision makers throughout an organization have the information and understanding available to make good decisions in the course of their work....Angela HornemanMon, 09 Sep 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/situational-awareness-for-cybersecurity-an-introduction/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/cache-poisoning-of-mail-handling-domains-revisited/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn 2014 we investigated cache poisoning and found some in some damaging places, like mail-handling domains. It can't be assumed behaviors on the internet continue unchanged....Leigh MetcalfWed, 20 Jun 2018 00:00:00 -0400https://www.sei.cmu.edu/blog/cache-poisoning-of-mail-handling-domains-revisited/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/12-risks-threats-vulnerabilities-in-moving-to-the-cloud/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesOrganizations continue to develop new applications in or migrate existing applications to cloud-based services. The federal government recently made cloud-adoption a central tenet of its IT modernization strategy....Timothy MorrowMon, 05 Mar 2018 00:00:00 -0500https://www.sei.cmu.edu/blog/12-risks-threats-vulnerabilities-in-moving-to-the-cloud/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessBest Practices in Network SecurityCloud ComputingSituational Awarenesshttps://www.sei.cmu.edu/blog/declaring-war-on-cyber-terrorismor-something-like-that/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBuzzwords are a mainstay in our field, and "cyberterrorism" currently is one of the hottest. But how does the definition of "terrorism" change when adding the complexities of the Internet? What does the term "cyber terrorism" actually mean?Leigh Metcalf, Deana Shick, Eric HatlebackThu, 01 Feb 2018 00:00:00 -0500https://www.sei.cmu.edu/blog/declaring-war-on-cyber-terrorismor-something-like-that/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity VulnerabilitiesSituational AwarenessNetwork Situational AwarenessCyber MissionsCERT/CChttps://www.sei.cmu.edu/blog/improving-data-extraction-from-cybersecurity-incident-reports/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post is the first in a series on improving useful data extraction from cybersecurity incident reports, focusing on work done by the SEI and US-CERT.Samuel PerlFri, 29 Sep 2017 00:00:00 -0400https://www.sei.cmu.edu/blog/improving-data-extraction-from-cybersecurity-incident-reports/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessCyber MissionsSituational Awarenesshttps://www.sei.cmu.edu/blog/ransomware-best-practices-for-prevention-and-response/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesOn May 12, 2017, in the course of a day, the WannaCry ransomware attack infected nearly a quarter million computers. WannaCry is the latest in....Alexander Volynkin, Angela Horneman, José MoralesWed, 31 May 2017 00:00:00 -0400https://www.sei.cmu.edu/blog/ransomware-best-practices-for-prevention-and-response/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBest Practices in Network SecurityCyber MissionsNetwork Situational AwarenessRansomwareSituational Awarenesshttps://www.sei.cmu.edu/blog/best-practices-for-network-border-protection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesWhen it comes to network traffic, it's important to establish a filtering process that identifies and blocks potential cyberattacks...Rachel KartchMon, 15 May 2017 00:00:00 -0400https://www.sei.cmu.edu/blog/best-practices-for-network-border-protection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBest Practices in Network SecurityCyber MissionsNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/best-practices-for-ntp-services/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe network time protocol (NTP) synchronizes the time of a computer client or server to another server or within a few milliseconds of Coordinated Universal Time (UTC)....Timur SnokeMon, 03 Apr 2017 00:00:00 -0400https://www.sei.cmu.edu/blog/best-practices-for-ntp-services/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBest Practices in Network SecurityCyber MissionsNetwork Situational AwarenessSituational Awarenesshttps://www.sei.cmu.edu/blog/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDiscover six best practices to design a secure, reliable infrastructure and present an example of a resilient organizational DNS in this SEI blog post.Mark LangstonMon, 06 Feb 2017 00:00:00 -0500https://www.sei.cmu.edu/blog/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessCyber MissionsBest Practices in Network SecuritySituational Awarenesshttps://www.sei.cmu.edu/blog/distributed-denial-of-service-attacks-four-best-practices-for-prevention-and-response/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLate last month, Internet users across the eastern seaboard of the United States had trouble accessing popular websites, such as Reddit, Netflix, and the New York Times....Rachel KartchMon, 21 Nov 2016 00:00:00 -0500https://www.sei.cmu.edu/blog/distributed-denial-of-service-attacks-four-best-practices-for-prevention-and-response/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSituational AwarenessNetwork Situational AwarenessCyber MissionsBest Practices in Network SecurityDistributed Denial Of Service (DDoS) Attackshttps://www.sei.cmu.edu/blog/the-dyn-attack-who-participated-who-was-impacted/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDive deeper into indirection participation in the Dyn attack and its effects in this informative SEI Blog post.Angela HornemanWed, 02 Nov 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/the-dyn-attack-who-participated-who-was-impacted/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessCyber MissionsSituational Awarenesshttps://www.sei.cmu.edu/blog/choosing-history-profile-simple-network-flow-anomaly-detection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesOne of my responsibilities on the Situational Awareness Analysis team is to create analytics for various purposes....Angela HornemanFri, 08 Apr 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/choosing-history-profile-simple-network-flow-anomaly-detection/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSecurity VulnerabilitiesCERT/CCSituational Awarenesshttps://www.sei.cmu.edu/blog/border-gateway-protocol-update-metric-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMRT is a file format used in BGP; in particular, it is used when the router writes updates into a log file....Leigh MetcalfTue, 15 Dec 2015 00:00:00 -0500https://www.sei.cmu.edu/blog/border-gateway-protocol-update-metric-analysis/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNetwork Situational AwarenessSecurity VulnerabilitiesCERT/CCSituational Awareness