Posts

Showing posts from June, 2013

The gospel of SPLUNK

Image
Hi everyone, Hope your past week wasn't as crazy as mine...I had some good time with a great tool for reviewing logs. Ladies and gentlemen, I bring to you the gospel of SPLUNK..:) I had to review some logs during the week, in each log, I had about 200,000 events and had five logs to go through. I actually didn't know what I should be looking out for, but I was meant to spot suspicious behaviours. I didn't have to search the internet for long before i came across a myriad of log reviewing tools, but the one that caught my attention was SPLUNK. Great tool, easy to use, and great user interface. Manager Interface The search interface I didn't have to watch any tutorials before i got the hang of it. Anyways, for those that want to give it a try, there is free download at  http://www.splunk.com/download?ac=get_splunk_download

OWASP Top 10 Vulnerabilities - same old list

Hi Everyone, Work has been crazy lately, but I would like to brief you about the OWASP Top 10 2013 which was released recently. As expected, SQL injection is top on the list. Here are the Top 10: A1 - Injection A2 - Broken Authentication and Session Management A3 - Cross-Site Scripting (XSS) A4 - Insecure Direct Object References A5 - Security Misconfiguration A6 - Sensitive Data Exposure A7 - Missing Function Level Access Control A8 - Cross-Site Request Forgery (CSRF) A9 - Using components with known vulnerabilities A10 - Unvalidated Redirects and Forwards I wont go into the breakdown of each of these components, further details can be gotten at the official OWASP site . From the list above, it is disappointing to note that about a decade after the first OWASP top 10 was released, the major vulnerabilities have not been eliminated. Developers are still too focused on functionality and paying less attention to security. There is a need to engrave this list on the forehe...