New podcasts: Safely scanning OT environments with runZero
The OT (Operational Technology) sector faces significant challenges when it comes to network scanning. OT systems frequently utilize proprietary protocols that may not be compatible with legacy scanners. Consequently, this incompatibility significantly hinders the effective scanning and information gathering from OT devices. As a result, the asset inventory obtained is often incomplete or inaccurate, posing a major security risk.
Fortunately, runZero avoids aggressive scan tactics, which could destabilize certain IT and OT devices. With runZero, organizations of all types can safely create comprehensive and detailed asset inventories without any disruptions.
How does runZero safely scan OT environments?
runZero employs an innovative incremental fingerprinting approach specifically designed to identify and handle fragile devices effectively. When a fragile device is detected, the method is automatically adjusted to ensure safe scanning. Unlike other scanners that may utilize security probes, runZero’s proprietary scan technology solely utilizes well-formed IP packets. This approach eliminates the risk of disrupting critical operations or causing downtime.
Thanks to its unique and reliable method, runZero has garnered a large and satisfied customer base in various industries including manufacturing, energy, and healthcare. These customers confidently conduct regular scans in their OT environments without encountering any issues.
For a more in-depth understanding of runZero’s approach to OT environments, we invite you to listen to the two podcasts below, featuring runZero founders HD Moore and Chris Kirsch, respectively.
runZero’s approach to scanning ‘fragile devices’ – HD Moore and Dale Peterson on Unsolicited Response podcast
In this episode HD Moore and Dale Peterson spend the first third of the show talking about Metasploit; early reaction, OT modules, and whether Metasploit is still necessary and useful today.
The conversation then shifts to creating asset inventories in IT and OT environments, a core feature of runZero.
Below is a summary of the main talking points in this podcast:
- Why HD decided to run back into the cybersecurity startup world?
- How it started as a solo shop with HD writing all the code.
- How HD thinks Shodan and runZero are different.
- What technique runZero uses to ‘scan’. A term that many fear in OT.
- The OT reaction to this type of scanning.
- What role uses the runZero product?
runZero adds passive scanning for OT networks – Chris Kirsch on the Risky Business podcast
In this Risky Business News sponsor interview Tom Uren talks to Chris Kirsch about how runZero has evolved from an IT network active scanning product to one that can now discover assets on OT and cloud environments using both active and passive scanning approaches.
Play runZero OT minesweeper and win a prize!
There is still time left to play runZero’s OT Minesweeper!
The top three players will win one of the following prizes:
- Flipper Zero
- Bash Bunny
- Alfa Wifi Card
runZero is safe for OT environments, but legacy scanners are not!
In this game, you are a legacy scanner with 30 seconds (and ten total attempts) to recon the network without getting noticed in the fastest time. Just don’t crash any OT devices!
- Promotion ends: August 11th 2023 at 11:59 pm CST
- Winners will be announced at DEF CON 2023
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
NordLayer 客戶案例 DataWalk 如何在 20 分鐘之內部署安全網絡
重點內容:
- DataWalk 是一家位於波蘭、英國和美國的商業情報公司,每天需要處理大量來自企業和政府機構的敏感數據資源。
- 正尋求一個低維護成本的企業級資訊安全方案,特別是對於初創和快速擴張的企業而言,他們常常面臨資源匱乏的情況。
- NordLayer 提供了一個快速、輕鬆、有效的解決方案,減輕了 IT 部門的工作負擔。
- 具有簡單的集成標準,確保與其他系統的兼容性,增強而不是破壞公司的生態系統。
- 在最終用戶和 IT 管理員之間達到平衡,能夠輕鬆安裝和管理,提高整體效率。
- 20 分鐘部署網絡基礎架構升級,簡單無縫地融入現有的公司基礎架構中。
資訊安全議題往往只著重於處理惡意行為和威脅解決方案,卻鮮少關注到 IT 經理的角色。然而,IT 經理的決策以及他們對於安全需求的重視,往往會對資訊安全的優先排序和時間管理產生影響。尤其對於初創和快速擴張的企業而言,它們常常面臨資源匱乏的情況,並且將開發可信賴且高效的產品視為當務之急。
DataWalk 是一家位於波蘭、英國和美國的商業情報公司,每天都必須處理大量來自企業和政府機構的數據資源。該公司擁有由 130 多名員工組成的團隊,主要專注於開發數據分析軟件,旨在揭示商業營運中詐欺和洗錢的隱藏模式和聯繫。在追求可信賴和高效產品的同時,他們的DevOps 工程師兼部署架構師 Thomas Vodrazka 分享了他在建立和執行資訊安全路線圖方面的見解,並討論了公司自成立以來所面臨的挑戰。
面臨的挑戰
DataWalk 尋求低維護成本的企業級資訊安全方案
DataWalk 是一家處理相對敏感大數據資訊的公司,因此資訊安全是他們的首要關注項目之一。作為一個軟件供應商,他們在 AWS 雲端服務上運行,並使用各種配置來展示試用、測試和離線資料處理環境。隨著國際團隊成員的增加,公司網絡的流量負載也隨之增加。起初,對於一家小型公司來說,內部的 VPN 和伺服器足以應對需求。然而,隨著公司的服務範圍擴大和內部使用者數量增加,本地 VPN 面臨著流量快速增長的巨大壓力。
在尋找替代方案的同時,DataWalk 選擇將部分流量轉移到共用 IP 環境以減少本地伺服器負載,這是一個合理的快速解決方案。此舉不單成本效益高,且維護工作由第三方負責。然而,儘管公共伺服器可能是最佳選擇,但仍存在與其他伺服器使用者發生腳本衝突的風險。此外,共用閘道器也具有配置限制,對於一家需要安全環境以提供服務的公司來說,這可能成為一個不確定因素。
「作為一名 IT 系統管理員,你必須負責監督許多不同的領域,以確保業務運作和安全政策能夠順利且充分執行。尤其在小型工作團隊中,時間成為至關重要的資源,因此理所當然地,我們會優先尋找能夠保護我們的解決方案。」Thomas Vodrazka 說道。
在安全服務供應商中,提供具有專用 IP 選項的 VPN,介乎於自主維護的本地伺服器和公共閘道器之間。這種解決方案提供了安全性,同時減輕了維護的負擔。然而,如何將額外的安全性整合到公司的基礎架構中,同時不會給內部使用者帶來繁雜的操作和困惑呢?
NordLayer 提供了一個「增強而不是破壞公司的生態系統」的解決方案
以減輕 IT 經理的工作負擔
作為公司開發流程的先驅者,IT 經理在這個過程中擁有最大的自由度,但也承擔相應的責任。他們可以嘗試在企業層面引入有影響力的解決方案。然而,一旦這些解決方案被實施,系統就需要額外的安全措施。因此,DataWalk 最終轉向更為簡單易用的解決方案,以確保系統的安全性。
Thomas Vodrazka 補充說:「我和公司的 CTO 一起開始使用 NordVPN,該服務提供了我們所需的一切功能和界面。這激發了我對商業版本的好奇,我開始向周遭詢問是否有相應的商務解決方案。很快,我們就全面轉向了NordLayer,讓不同地方的員工能夠安全地存取公司的資源。」對於 IT 經理來說,如果新工具的設置對其他員工而言過於複雜,這可能會造成一些不便。
這個解決方案需要在最終用戶和 IT 管理員之間達到平衡,讓他們能夠輕鬆安裝和管理工具,從而提高整體效率。同時,該解決方案需要具有簡單的集成標準,以確保與其他服務供應商的兼容性,並增強而不是破壞公司的生態系統。
NordLayer 解決方案的其他功能,例如遙距桌面協議(RDP),在需要更頻繁地進行遙距疑難排解和存取同事終端的情況下,也顯得非常有價值。當 IT 管理員位於不同地區,且遙距團隊缺乏解決問題所需的知識或技能時,虛擬協助對於 IT 管理員來說是一個極其重要的支援工具。
20 分鐘之內部署安全網絡
快速、輕鬆、有效的網絡基礎架構升級
IT 系統管理員本身就是最終用戶之一,這使得他們能夠輕鬆進行公司系統的技術升級和整合。這種自主性為他們留出更多的空間來規劃和測試定制的資訊安全策略,以應對各種安全場景,包括最佳和最糟的情況。
「只需 20 分鐘的配置時間,就可以封鎖公共存取並更改 IP 地址。它就是那麼簡單。我不再需要擔心 VPN 了,這讓我節省了時間,並能夠更好地運用這段時間。」Thomas 說道。
NordLayer 的一個優勢是它可以在幾分鐘內進行部署,簡單的安裝過程能夠無縫地融入現有的公司基礎架構中。DataWalk 在美國和歐洲使用了兩個虛擬私有閘道器,所有管理員需要做的就是進行一次配置,然後就可以不再擔心它了。透過集中控制面板協助 IT 系統管理員,促進內部審計的進行。此外,如果您的團隊遇到任何問題,他們可以依靠全天候 24/7 的客戶支援團隊提供協助。
產品資料:
https://version-2.com/nordsecurity
下載「DataWalk 如何在 20 分鐘之內部署安全網絡」使用案例:
https://version-2.com/nordlayer-landing-page-datawalk-usecase/
關於 NordLayer
NordLayer 是現代企業的自適應性網絡存取安全解決方案,來自世界上其中一個最值得信賴的網絡安全品牌 Nord Security。致力於幫助 CEO、CIO 和 IT 管理員輕鬆應對網絡擴展和安全挑戰。NordLayer 與零信任網絡存取(ZTNA)和安全服務邊緣(SSE)原則保持一致,是一個無需硬件的解決方案,保護公司企業免受現代網絡威脅。通過 NordLayer,各種規模的公司企業都可以在不需要深入專業技術知識的情況下保護他們的團隊和網絡,它易於部署、管理和擴展。
關於 Version 2 Digital
Version 2 Digital 是亞洲最有活力的IT公司之一,公司發展及代理各種不同的互聯網、資訊科技、多媒體產品,其中包括通訊系統、安全、網絡、多媒體及消費市場產品。透過公司龐大的網絡、銷售點、分銷商及合作夥伴,Version 2 Digital 提供廣被市場讚賞的產品及服務。Version 2 Digital 的銷售網絡包括中國大陸、香港、澳門、台灣、新加坡等地區,客戶來自各行各業,包括全球1000大跨國企業、上市公司、公用機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。
The Security Compliance Conundrum: Adapting to the Era of IoT, Hybrid Work & AI
The rise of the Internet of Things (IoT), the adoption of hybrid work models, and the integration of artificial intelligence (AI) have revolutionized the way organizations operate. As we embrace the endless possibilities brought by these technological advancements, we must also confront the complex challenges they present, especially concerning security compliance. In an era where traditional security practices are no longer sufficient, organizations must re-think their approach to security compliance to safeguard their data, infrastructure, and reputation.
Securing the Vast Web of IoT Devices
The Internet of Things has woven an intricate web of devices, from smart thermostats to industrial control systems, connecting previously isolated environments. While this interconnectedness enhances efficiency and convenience, it also introduces a multitude of security vulnerabilities. Each connected device becomes a potential entry point for cybercriminals to infiltrate the entire network, causing devastating consequences for businesses and their customers.
As organizations integrate IoT devices into their operations, security compliance must move beyond a mere checkbox exercise. A dynamic and proactive security strategy becomes imperative. This includes continuous monitoring of IoT devices, ensuring timely updates and patches, and enforcing robust authentication and encryption mechanisms. Moreover, organizations should adopt a comprehensive risk management approach that actively assesses potential threats and their potential impact.
Hybrid Work is Here to Stay
The recent surge in hybrid work models has further accentuated security compliance challenges. Employees now access corporate resources from various locations and devices, blurring the boundaries of the traditional security perimeter. As remote work becomes the norm, the once-familiar security controls must adapt to this new paradigm.
Organizations should prioritize establishing a robust remote access infrastructure, employing multi-factor authentication, and encrypting data both at rest and in transit. Implementing a Zero Trust approach, where access is continuously verified regardless of the user’s location, is crucial in this hybrid work environment. Security awareness training for employees also becomes paramount to instill a security-first mindset, emphasizing their role in safeguarding sensitive data.
The Rise of Artificial Intelligence
Artificial Intelligence, with its transformative capabilities, brings both promise and peril to the security compliance landscape. AI technologies can strengthen defenses by detecting anomalies, predicting threats, and responding in real-time. However, they can also be exploited by malicious actors to launch sophisticated attacks and evade traditional security measures.
Organizations must recognize that AI is not a panacea but a double-edged sword. They must adhere to robust ethical guidelines when deploying AI-powered security solutions, ensuring transparency, fairness, and accountability in their implementation. Additionally, cybersecurity teams must be well-equipped to understand and combat AI-driven threats. Upskilling security personnel to work in tandem with AI technologies is vital to leverage the full potential of these innovations securely.
Furthermore, the convergence of IoT, hybrid work, and AI creates an entirely new breed of security challenges. For instance, IoT devices equipped with AI capabilities can lead to autonomous decisions and actions. While this enhances efficiency, it also means that security decisions may be made without human intervention, raising concerns about unintended consequences and potential security risks.
Where Do We Go From Here?
Organizations must embrace a holistic approach to security compliance that spans the entire lifecycle of these interconnected technologies. This includes conducting thorough security assessments during the procurement and deployment phases, monitoring their operations continuously, and employing incident response plans tailored explicitly for this unique combination of IoT, hybrid work, and AI.
To navigate these complex waters, collaboration is key. Industry-wide efforts to share threat intelligence and best practices can strengthen security compliance across the board. Government agencies, academia, and private enterprises must work together to develop comprehensive standards and regulations that keep pace with technological advancements while promoting innovation responsibly.
As IoT, hybrid work, and AI continue to reshape the modern business landscape, organizations must re-think their approach to security compliance. A proactive and adaptive security strategy, emphasizing continuous monitoring, risk management, and employee awareness, is crucial in mitigating the emerging risks. Additionally, organizations must embrace ethical AI practices and collaborative efforts to strengthen security compliance across industries. Only by taking a unified and forward-looking approach can organizations protect their assets and stay one step ahead of the ever-evolving threat landscape in this brave new world of technology.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。
The incredible secret life of software: What do they do when no one is watching them?
Today, on Pandora FMS blog, we’re going to get parabolic, not like the antennas flooding your city’s skyline corrupting the sky with their 3G poison, no. Parabolic parables. Like Yisus.
Thus, through a sweet story that your mental voice will read in a engulfed way, we will reach an incredible inflated conclusion of moral and good vibes. Let’s get there with the narration about the secret life of software!
The secret life of software: mischief and monitoring
There was once a little software called Glitchinator that worked in a boring office of a gray and monotonous building. The decoration was as exciting as a chess contest:
- A coal gray carpet.
- Ash gray walls
- Smoky gray curtains…
The air conditioning made a somewhat particular noise, something between some frozen fries thrown suddenly into the pan and a symphony orchestra that plays the same note over and over again. The rest of the software employees, CrashMaster, Crisistracker, FaultFinder… walked through the room like zombies with blank eyes.
People did not speak, only dipped their tea bags of chamomile and emitted sounds very similar to the redundant typing of a 21st century typewriter.
“If you’ve ever wanted to experience what it would be like to work in a tomb, this office is the perfect place for you.”, Glitchinator used to say.
Of course Glitchinator felt trapped in a routine of coding and programming, with no excitement or adventure in his life. It was all about washing peripherals, ironing the screen, polishing icons… and on Sunday mornings vacuuming the hard drive.
But something changed one night when all the employees went home and Glitchinator, for the first time, was left alone in the office after returning from a walk on the terrace to some files.
“Why let your files be sedentary?”
Right there gray started taking on color and Glitchinator felt free.
What to do now that no one was watching him, that no one was judging him?
Could… could… could it become a naughty show?!
“Hell yeah!”
So he went crazy. He took off his shirt, rolled up his pants and changed all the fonts in the Word documents on his partner Boris DefectDestroyer’s computer, which left him moderately baffled the next day.
Afterwards, he became emboldened and changed the icons on the desk of the boss’s PC, Mr. MalwareMangler, which left him equally confused. He always likes to have the trash icon at the top right corner of the screen.
But that wasn’t enough for Glitchi.
He wanted to do something even bolder. So he decided to pay a visit to the printer, there he lowered his pants and began to print sheets with “funny” images:
- Pictures of kittens with birthday hats.
- An avocado with headphones,
- And a hundred memes with phrases like “I’m compiling, please don’t talk to me”, “Keep Calm and Debug On”, “Error 404: humor not found!”.
He left them scattered all over the office.
Glitchinator felt like a fish in water, at its own pace, without any restrictions. But what he didn’t know is that his secret affair wasn’t going to last that long.
The S.W.A.T. team descended through the cork panels of the office roof and pointed their open-source lethal weapons at Glitchi.
Someone made the phone call.
Fortunately for Glitchi, after the illicit beating, the toughest guy among IT’s S.W.A.T. team found one of Glitchi’s “antics” somewhat amusing, I believe it was the avocado with headphones.
It was hilarious.
After the pleas and whining of the poor software, the team patted him on the shoulder and told him that it is okay to let go from time to time, to do something that breaks the immutability of daily lives, but as long as it did not endanger the security of his company to the point someone had to call the S.W.A.T.
From that good or bad afternoon, depending on how you look at it, Glitchinator became a model software, always doing what it had to do and avoiding any kind of childishness that could bring him closer to a photocopier.
He even gave up alcohol!
Conclusions
Have you been able to get a glimpse of the lessons of this extravagant parable?
We’ll give you three options.
- The moral of the story is that monitoring is crucial to keeping computer programs under control. Without it, they can make dangerous roadblocks and put your company’s security at risk.
- The moral of the story is that it is important to be open and willing to receive the Word of God. It also teaches us the importance of perseverance and overcoming difficulties.
- The moral of the story is that we are all sinners and can make mistakes in our lives, but there is always an opportunity to repent and start over.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.
