Followers of the Solutionary Minds blog and frequent visitors to Solutionary.com may have noticed some significant changes to the web site. First-time visitors will not realize that anything has changed at all (trust me, it has). After months of work, the Solutionary team is happy to unveil the latest iteration of the Solutionary web presence. A few of the highlights include:

• More video – See Solutionary team members discussing a variety of topics.
• Resource Center – Find Solutionary content like datasheets, white papers and webinars here.
• News and Events – See our recent...

read more >

Tags: it security, security, Solutionary

Oracle released a patch to address the vulnerabilities discussed in our previous post, regarding issues affecting Java 7 Update 10. However, it appears this patch may not fully address the issue but is focused only on browser plug-ins. Users are still being advised by the community to disable Java until all known aspects of this vulnerability have been fully addressed. In addition to the recommendations outlined in our previous post, Solutionary recommends that clients install the current update but keepJava disabled and closely monitor browser activity from users. As always, it is strongly advised that... read more >

Tags: 0-day, java 0-day, java vulnerability, Solutionary

So, being a full-time Incident Response Team Lead (IRTL) for the Solutionary Security Engineering Research Team, I bet you’re thinking I’m going to start chatting about incident response. Your guess would be right. My intent here is to focus on the small details that may be overlooked when creating an incident response plan. This is just the first of a series of blogs where I will discuss some of the more important topics in incident response. In each, I will highlight some frequently overlooked key details. These details often make the difference between a very difficult incident and a manageable one. As this is my first blog with Solutionary, it is worth mentioning that I uphold a philosophy to keep discussions short and simple with no fluff. In our culture and society, information overload is commonplace. This often becomes a problem, especially when... read more >

Tags: incident response, Solutionary, log management, security policy, SERT

I was on a sales call recently when a client requested an example of how our Security Engineering Research Team (SERT) provides specific security intelligence that results in the protection of the client base. This was a great question, and I wanted to take a moment to provide a real-world example of the value that SERT delivers to both the client base and the security community at large. Malware Reverse Engineering SERT performs ongoing malware and threat analysis, and regularly provides consumable threat intelligence to the rest of the Solutionary engineering teams. In one particular case, SERT obtained an image of a suspected infected machine residing on a client network. SERT performed a full analysis of the image and isolated the malware specific files. SERT then performed reverse engineering using advanced static analysis techniques to... read more >

Tags: ActiveGuard, malware, reverse engineering, SERT, Solutionary, ACH Transfers, banking trojans, Blackhole Exploit Kit, IDS-IPS, malware reverse engineering, security engineering research team

Here at Solutionary, we take physical security very seriously. This is not just to protect company information, but also our clients’ information. Many of our clients, especially those in the financial sector, feel the same way. Solutionary performs physical security assessments for a variety of our clients. I sometimes wonder if we are going over-the-top with extremes with our security, or expect too much from clients when performing an assessment. For example, a client recently absorbed another floor in their building due to growth and asked us to perform a risk assessment to ensure they had all the proper controls in place. This assessment was slightly different than previous assessments because of the dynamics of the new floor. There were a few things to consider that previously were not really issues per se. Now that they have a ground level floor there were many new vulnerabilities to consider including: windows, outdoor landscaping, trees, streets, lighting, camera... read more >

Tags: security, security policy, Solutionary, risk assessment, security best practices, security program