26 June 2020

IOCs and YARA Rules

Following on from the announcement last week by the Prime Minister Scott Morrison confirming Australia has been the target of increased cyberattacks by a foreign entity, we’ve been able to assist some of our clients in checking for IOCs and identifying the systems showing positive matches to one or more indicators, as recommended by the ACSC. If you don’t have an endpoint detection and response (EDR) solution in place and need assistance to conduct scanning that covers 100% of your environment, or are not familiar with using YARA rules, then feel free to make contact for a discussion about how we can assist.

Getting the Right Testing?

As there is a unique language and vocabulary for the field of penetration testing, it’s not uncommon to find a definition or scope of testing requirements missing some key elements. We have produced some information on different testing approaches which you can view or download below.

Web Application Penetration Testing

Infrastructure Penetration Testing

Marking Your Own Homework

Gartner recently predicted that through 2025, 99% of cloud security failures will be the customer’s fault. Source reference: Gartner article – Is the Cloud Secure?

Whilst it might be a challenge to actually measure this prediction, it also doesn’t seem to take into account that there is a reasonable possibility an IT contractor, or the employees of a System Integration company, might also play a part in a cloud security failure. Given the complexity of cloud environments, it’s not surprising that people make mistakes, so a percentage of security failures are inevitable.

One way an organisation can look to minimise the likelihood of having a cloud security failure is to seek independent, objective advice and critique regarding their cloud security configuration. Letting the in-house IT team, the IT contractors or System Integrator mark their own homework may return a different result compared to getting a dedicated security organisation to review the configuration of the environment.

The ideal time to get independent input is during the design phase of your cloud security environment; however, if this does not occur then input further down the track will suffice. Kaon Security have assisted a number of organisations to ensure their cloud environment is secured in pre- and post-deployment scenarios.

The key elements of our Microsoft Azure Security Audit Service include a comprehensive assessment of the planned or existing configuration and deployment, a risk analysis, recommendations to improve your security posture and remediation points.

Click Here to view details on our Microsoft Azure Security Audit Service.

Never Trust Always Verify

The Zero Trust security model assumes that everyone “connected” should not be trusted until proven otherwise. With the rapid adoption of cloud services, perimeter-based security is becoming a less significant or even redundant part of your enterprise security architecture. Instead of trying to put everything behind a firewall, treat everyone as a threat until proven otherwise.

This model (zero-trust) follows the access control principle of least privilege. User identities are verified in real time whenever a resource is requested, which provides far more distributed and granular control over access to data and resources when compared to perimeter-based security.

Authentication is a key part of implementing Zero Trust, so a multi-factor authentication (MFA) or two-factor authentication (2FA) solution must be put in place. Once an individual is authenticated, he or she may only access specific resources or applications as defined in a role-based access control policy.

Click Here to read an informative Zero Trust Vision whitepaper from Microsoft.

IT Policy System - Version 20 Released

Kaon Security is pleased to be able to announce the upcoming release of Version 20 of the IT Policy System which will start shipping on 1st September 2020.

All organisations have gone through an unprecedented period of disruption and upheaval since March this year and for many, their working from home arrangements may stay in place for the foreseeable future.

To this end it has never been more important to ensure all managers, staff and contractors have clear guidance on the use of organisational systems and data when not in the office.

Our customers have commented that having well-written and easy-to-understand policies already in place made their transition to work from home easier. Having the foundation blocks in place with the IT Policy System allowed them to focus on business continuity.

Version 20 will be available to customers wishing to subscribe to our Policy Management as a Service offering and the Policy Lite versions.

Click below to view our short information videos.

 

Policy Management as a Service

 

IT Policy Lite System

The new additions, enhancements and changes being delivered in Version 20 are as follows:

  • Updated interface and main menu options
  • Policy merge option – if you wish to merge two or more policies into one single policy this is now possible
  • Animated overlay – this highlighting function makes it easier to see content and information on screen
  • Security awareness videos – 3 videos covering key security topics are being introduced
  • Updated material in the Guideline, Forms & Other Documents section
  • Updated Incident Response Plan document in the Procedures and Processes section

If you would like to set up a discussion and detailed system walkthrough to understand how we can assist your organisation to develop, deliver and maintain a suite of suitable IT Policies in under 8 weeks, then feel free to make contact.

Contact Us Today

Fill in the form below or call us on +61 3 9913 3248 (VIC), +61 7 3194 3664 (QLD) or +61 2 9098 8206 (NSW)