2019 MasterMind Lunches: CIOs Share What Tools They’re Using to Increase Efficiency in their Organizations

CIO, 4000 Employees, Construction Industry

Thanks Bill. This is an awesome list!! My contributions to the community are as follows:

  1. Talend: This is a drag and drop (like ETL) tool that can connect to OnPrem or Cloud solutions very similar to Dell Boomi (which charges by the connector and data flows) but Talend has a yearly cost of $25k.
  2. ThoughtSpot: This is a self-service Google-like data visualization tool. Our team helps set up a schema, relationships and creates a keyword dictionary then trains the business how to use their own data and share their “pin boards”.
  3. Glip: This is a social collaboration tool that comes with Ring Central, similar to MS-Teams/Slack/GroupMe/Chatter except it is integrated into the total UC platform. From a Glip Group you can launch an immediate video conference with the entire team and they all get a single click “alert” on their iPhone, Android, or Windows PC. This is similar to a document share you don’t have to bounce out to WebEx and create a meeting.

Top Efficiency Tools Shared By CIOs

Before each of my CIO Innovation Forum events, I find that it’s really important to take time and reach out to CIOs who have registered and ask them one important question – “What are you looking to gain from attending and what would be a huge win for you?” I tend to get all sorts of answers – varying slightly depending on the event’s agenda. Regardless, one answer clearly dominates – and that is, “I want to hear what my CIO Peers are doing in their organizations (i.e. best tools, practices, what works well/what doesn’t, etc.).”

My team and I just wrapped up a series of Master Mind lunches in the MD, DC, and Raleigh, NC regions. I decided to ask the CIOs who attended to prepare and share the Top 3 best tools and/or systems they are currently using today that promote efficiency in their organizations.

Check out their responses in the document below. If you would like to be a part of these collaborative and informative conversations, reach out to my team to learn more about our upcoming CIO Innovation Forum events: offenseinnovation@redzonetech.net.

View Top Tools For CIOs PDF

New “Spoiler” Side-Channel Attack Threatens Processors

Over the past week, I have been talking about a new, non-Spectre side-channel attack called “Spoiler”. Thanks to our partner SonicWall, here is a breakdown of how it was discovered, how it attacks, and how to stop it!

What is Spoiler?

Research from the Worcester Polytechnic Institute in Worcester, Mass., and the University of Lübeck in Germany, identifies a new “microarchitectural leakage stemming from the false dependency hazards during speculative load operations.”

The group’s paper, “SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks,” proposes the new side-channel Spoiler attack, which could exploit a “previously unknown microarchitectural leakage stemming from the false dependency hazards during speculative load operations.”

As a result, Spoiler also enhances the effectiveness of other side-channel attacks, namely Rowhammer, and other cache-based attacks. The report notes that Spoiler only affects Intel Core processors and not current AMD and ARM processors.

The research group was quick to point out that while Spoiler is similar to Spectre, they aren’t the same and have very different ramifications, namely with how previous attacks take advantage of vulnerabilities in the speculative branch prediction unit and memory leaks in protected environments.

“Spoiler is not a Spectre attack,” the researchers published in their 17-page report. “The root cause for Spoiler is a weakness in the address speculation of Intel’s proprietary implementation of the memory subsystem, which directly leaks timing behavior due to physical address conflicts. Existing Spectre mitigations would therefore not interfere with Spoiler.”

Stop Spoiler Side-Channel Attacks with RTDMI

SonicWall’s Real-Time Deep Memory Inspection (RTDMI) isn’t a common mitigation solution. But, like it does with Spectre, Meltdown, Foreshadow and PortSmash, SonicWall’s RTDMI can mitigate Spoiler attacks.

RTDMI provides CPU-level instruction detection granularity (unlike typical behavior-based systems, which have only API/system call-level granularity) to detect malware variants that contain exploit code targeting processor vulnerabilities, including Spoiler.

To discover packed malware code that has been compressed to avoid detection, the RTDMI engine allows the malware to reveal itself by unpacking its compressed code in memory in a secure sandbox environment. It sees what code sequences are found within and compares them to what it has already seen.

Identifying malicious code in memory is more precise than trying to differentiate between malware system behavior and clean program system behavior, which is an approach used by some other analysis techniques.

Besides being highly accurate, RTDMI also improves sample analysis time. Since it can detect malicious code or data in memory in real-time during execution, no malicious system behavior is necessary for detection. The presence of malicious code can be identified prior to any malicious behavior taking place, thereby rendering a quicker verdict.

The IT Security experts at RedZone can help you minimize risk with SonicWall’s Real-Time Deep Memory Inspection that can mitigate Spoiler attacks.

For more information, contact my team today: (410) 897-9494 | myteam@redzonetech.net 

Source: SonicWall Blog Post, March 6, 2019 – New Spoiler Side-Channel Attack Threatens Processors, Mitigated by SonicWall RTDMI, by Brooke Chelmo.

Solution Spotlight: Advanced Threat Protection

ATP | Discover and Stop Email Attacks with Automated Remediation

Ransomware, phishing and business email compromise have made email security more crucial than ever. Email-borne threats have evolved from annoying spam attacks to business disrupting ransomware attacks.

RedZone, together with our partner SonicWall, offers Email Cloud Capture ATP to shield your business from advanced email threats involving ransomware, spear phishing, and email compromise. With its Capture Advanced Threat Protection Service, SonicWall Email Security delivers fine-grained, user-transparent inspection of SMTP traffic.

This cloud-based Capture service scans a broad range of email attachment types, analyzes them in a multi-engine sandbox, and automatically blocks dangerous files or emails before they reach your network.

Here’s what else you get…

  • Comprehensive multi-layer protection for email communications
  • Sandboxing and quarantining of any unknown files
  • Dynamic reputation-based blacklisting
  • Advanced content analysis and pattern recognition
  • Strong encryption + Data Loss Prevention (DLP) for compliance + regulatory requirements
  • Detailed reporting

Given its ubiquitous nature, email is a critical vector that your organization must protect. Email Security with Capture gives you a highly effective and responsive defense against today’s advanced email threats, at a low TCO.

RedZone offers innovative email protection solutions to help you secure your IT environment. Contact us today: (410) 897-9494 | rzsales@redzonetech.net