Educause Security Discussion mailing list archives
Re: Malware remediation?
From: "King, Ronald A." <raking () NSU EDU>
Date: Thu, 10 Jan 2013 15:29:59 -0500
We recently upgraded our firewalls to Palo Alto Networks' next-gen hardware. We are very happy with them. They have threat (IPS) detection and prevention, AV detection and blocking, and URL filtering. We subscribe to their Wildfire service, which is comparable to the FireEye we tested late last year. When the firewalls detect a new EXE is downloaded, the file is also downloaded to a virtual testing system on their network where they monitor its actions, create a report of potential malware, and send it to us. It has been very effective.

I will admit, I have been skeptical of the "all-in-one" boxes in the past, but the PAN firewalls are doing the work of four different devices very effectively.

Ronald King
Security Engineer
Norfolk State University
http://security.nsu.edu

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Russ Leathe
Sent: Thursday, January 10, 2013 10:12 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Malware remediation?

We are currently poc with bit9 and FireEye for malware detection. I like both products so far.

Do you currently own one of these products? Would you care to give me your pros/cons, what you would do differently, etc. Perhaps you went another direction?

Thanks!
Russ

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Samuel Gaudet
Sent: Wednesday, January 09, 2013 2:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Pentest Agreement

Ed Skoudis has a good boilerplate memo he shares with his students that is designed to protect employees in a situation similar to yours: http://www.counterhack.net/permission_memo.html

Hope this helps,
Sam

On Wed, Jan 9, 2013 at 2:21 PM, Adam Vedra <avedra () calvin edu> wrote:

Would anyone be willing to share an example of an internal pentest agreement/permission document between an employer and an information security employee, ideally one that is used in your own organization? So far the examples I have turned up are more or less contracts between an organization and an outside third party.

Thank you for your help and input!

Adam

Adam P. Vedra, CISSP, GSEC
Information Security Officer
Calvin College

--
Sam Gaudet
Systems Security Analyst
University of Maine System
Office: (207) 973-3297