So why would we (and why you should)  give Active Directory (AD) all this attention and importance? Active Directory makes life easier for system administrators by providing many core features, such as centralizing resources and security administration, single sign-on for access to global resources, simplified resource location, and more.  All these pros look excellent and [...]

The 007 film series was and still is one of the most iconic movie series of all time.  As the author of this piece, my favorite one is “Skyfall”. It premiered in 2012, and I can tell that I’ve watched it, like, one hundred times and I will come back to it in the future.  [...]

No one can deny the primacy of automation in today’s world. In recent decades, humans have accelerated the pace of innovation, deploying new technologies wherever it’s possible.  Even humans themselves cannot suppress this evolution because technology has helped them automate various aspects of life. And while I was looking for an example to put here, [...]

Are you a fan of ninjas? We are talking about those shinobi fighters we usually see on TV shows and kids’ cartoons with a mask, black outfit, unseeable boots, a fancy and destructive-looking katana, and other cool ancient weapons.  Ninjas lived in Japan a long time ago in the era of feudal Japan.  They were [...]

So what do detectives do? Yeah! Because there is a correlation of characteristics between a cybercriminal and a detective. We will talk about some, but we will focus on one that connects them all. (Spoiler, it’s reconnaissance.) Whenever an illegal offense happens, you would find a detective, curious, probably with a ballpoint pen and a [...]

All about lateral movement in cybersecurity breaches,and how to protect against it “There are only two types of companies: those that have been hacked and those that don’t know they have been hacked.”Robert S. Mueller III, former director of the FBI. Cybersecurity breaches occur routinely in businesses, no matter the industry. And because attackers [...]

What is furry, affectionate, and purrs? A tribble! Tribbles were the tragic stars in an old Star Trek episode, “The Trouble with Tribbles.” Tribbles made awesome pets. However, things went bad when people discovered how quickly tribbles reproduce. If you look around, you might find something like tribbles in your network. Containers can make life [...]

Robbing a bank is easy. You can do it in three easy steps: go inside the bank, find the money, leave with the money. And that’s exactly how DarkVishnya did it. Two major facets of security are physical and information. Most people think of physical security as walls, doors, or windows. Those things make up [...]

Big Company — always safe on the inside. Everyone was worried about the zombie apocalypse, except for the Big Company employees. The walls of Big Company were tall and strong, keeping out the undead horde. Everyone was safe and sound until Frank had a heart attack in the break room. After that, the zombies were inside.   [...]

I have written before about a lion loose in the zoo, eating children. (Okay, maybe there were no explicit children dinners.) When someone breaks into one of your computers (or network devices, or printers, etc.), they are like a lion loose in the zoo. There is another type of zoo animal that can get loose [...]

The zoo is a fantastic place to take the kids. In fact, it’s great for adults, too. The zoo has everything from the sweet and innocent ducks and geckos, to the not-so-sweet blood-thirsty polar bears and lions. Now imagine yourself walking through the zoo, maybe with a group of kids, when one of the [...]

Thomas Phillips, CTO One of the biggest cybersecurity problems today is that an enormous amount of money is spent on attempts to secure and defend complex networks which, perversely, actually increase the burden on security professionals within the organization. In spite of taking layered security measures, any(in fact all)networks at some point get infiltrated [...]

Many people ask questions like “How do I know if I have been hacked?” or “What do I do if I have been hacked?” There is an easy answer to these questions — Nuke everything and start over. Then you can be fairly certain everything is okay. (For a while, at least!) This may sound a little [...]

Thomas Phillips drew on his unique background to develop an original approach to cybersecurity - interactive defense. Ridgeback Network Defense’s co-founder and CTO has not only spent 30 years of developing software but also has extensive experience in both offensive and defensive hacking. He studied computer science and psychology in college and is a military [...]

Deloitte is a multinational professional services firm that “provides audit, tax, consulting, and financial advisory services to public and private clients spanning multiple industries.” In 2017, Gartner ranked Deloitte security consulting number one globally for the fifth year in a row. By all accounts, Deloitte is a well-respected company that definitely has their act together. [...]

ISACA, US is an independent, non-profit, global association engaged in the development, adoption, and use of globally accepted, industry-leading knowledge and practices for information systems. With more than 600 active members, Pune Chapter of ISACA organized an annual conference on Transforming Security and Governance for Digital Age on July 7 and 8, 2017. Ridgeback was [...]

Distributed denial of service (DDOS) attacks have been in the news lately, and a number of people have asked me whether Ridgeback can prevent such an attack. What seems like a simple question actually touches on some complex issues. This post breaks it all down. First, a DDOS attack consists of: An unregulated network connecting [...]

First, in case you missed it, Ridgeback Hunter version 1.3.0 has been posted in the early access forums. Now on to the topic of simulations... During the two Ridgeback Acid Test Events in 2015, Ridgeback had a number of basic simulators behind the responders. That is, you could connect to a decoy on a TCP [...]

I recently read some posts from information security people who seemed to lack confidence in their abilities. Citing imposter syndrome, a feeling that they are not as competent as people think they are, they mused over whether their own skills and experience justified their roles as security professionals. This post is to spell out plainly [...]

When it comes to security, there are two kinds of organizations -- turtles and raptors.  When an adversary attacks your organization, your posture as a turtle or a raptor matters quite a bit. A turtle organization has a hard, outer shell, but a soft, vulnerable interior.  The organization spends a lot on firewalls and intrusion [...]

I do not like fear mongering.  However, I do believe that technological advances are outpacing our collective understanding of their implications.  There is a dangerous difference between our understanding and what is actually happening.  We need to take action now. The threat I worry about is global interconnectivity.  As in, who the hell thinks it [...]

The short answer: An actor is someone or something that is capable of sending information across your network. The long answer: The Ridgeback security appliance is really tracking agents in the sense of philosophy, sociology, linguistics, and artificial intelligence.  That is, an agent is an entity capable of "agency," or essentially capable of making something [...]

Natural sponges are fascinating structures.  A sponge is irregularly shaped and has no clear entry or exit.  The very idea of a "perimeter" seems completely ill-matched to a sponge.  Once water gets into a sponge, the water can travel to any other part of the sponge through what seems to be a practically infinite number [...]