Tag Archive for: customers

IBM lets customers, partners write apps for QRadar threat intelligence platform

IBM is launching a program where customers can share apps they write to augment IBM’s QRadar platform that analyzes security data, detects behavior anomalies and sorts out high-priority risks from the mass of incidents it examines.

To accomplish this, the company is opening APIs into QRadar, issuing software developer kits and creating a Security App Exchange where these custom apps can be distributed.

The exchange has already been seeded with 14 apps written by IBM itself and some of its partners including Bit9 + Carbon Black, BrightPoint Security, Exabeam and Resilient Systems.

Four of these apps are:

  • User Behavior Analytics – Integrates Exabeam’s analysis of user behaviors and risk profiling into QRadar’s dashboard.
  • Threat Intelligence – Pulls data from threat feeds and creates rules about how to handle the data, such as raising the threat score for incidents involving IP addresses from a particular watch list.
  • Carbon Black App for QRadar – Analyzes data from Carbon Black’s endpoint sensors within the QRadar interface, enabling faster responses to endpoint attacks.
  • Incident Overview – A visualization app that uses bubbles, colors and correlation lines to help analysts quickly identify links among incidents.

IBM says it will vet applications before they are made available in the app exchange. Dozens of businesses have joined the exchange, the company says, and the apps are free.

Network World Tim Greene

Microsoft enables potential unwanted software detection for enterprise customers

It’s time to throw adware, browser hijackers and other potentially unwanted applications (PUAs) off corporate networks, Microsoft has decided. The company has started offering PUA protection in its anti-malware products for enterprise customers.

The new feature is available in Microsoft’s System Center Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEP) as an option that can be turned on by system administrators.

PUA signatures are included in the anti-malware definition updates and cloud protection, so no additional configuration is needed.

Potentially unwanted applications are those programs that, once installed, also deploy other programs without users’ knowledge, inject advertisements into Web traffic locally, hijack browser search settings, or solicit payment for various services based on false claims.

Network World Security

Scottrade breach exposes sensitive data for 4.6 million customers

On the heels of hacks hitting artist funding site Patreon and a database of 15 million people who applied for T-Mobile accounts comes word that online stock brokerage Scottrade has suffered a breach that exposed the personal information of 4.6 million customers.

Scottrade officials said in an online advisory that the breach happened in late 2013 or early 2014 and exposed social security numbers, e-mail addresses and “other sensitive information,” whatever that may be. While all that data was available for the taking, the advisory said the attackers appeared to target client names and street addresses. The notice never made it clear if password data was also accessed, but unhelpfully, the officials said, “Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident.”

Remarkably, the officials leave it up to customers to decide whether they should change passwords. Out of an abundance of caution, Ars recommends that all Scottrade users change their passcodes ASAP, both on the brokerage site and any other sites that may have used the same credentials. The officials said they learned of the breach after receiving information from federal law enforcement investigators. Scottrade is offering a year of free identity protection services to all 4.6 million people whose details were included in the compromised database.

Ars Technica » Technology Lab

Oracle CSO to customers: we don’t need your (false positive) bug reports

Mary Ann Davidson

Oracle’s CSO thinks customers who reverse-engineer its code in attempts to find bugs should cut it out because they’re not finding much worth acting on and, more importantly, they’re violating their licensing agreements.

The condescending tone of the blog that sets down her objections rankled readers – and presumably customers – so much so that Oracle took it down, but not before it was cached.

Network World Tim Greene