PaulDotCom mailing list archives
No subject
From: bogus () does not exist com ()
Date: Tue, 04 Aug 2009 23:25:38 -0000
sitting on a span port. That then talks to the networks outbound proxy which uses iCAP to talk to the inspection engine. Another component sold separately is the host protection, maybe this product could be responsible for e-mail signing? I think semantic are going along the right lines with the host protection. We all know endless ways of getting information outside network. The trick is to restrict user access to that data in the first place, by deploying vontu with user permissions testing and Defence in Depth. If my memory servers me right: I believe vontu is able to raise a flag if a user pulls of more records from a database then they usually do or puts interesting data on a USB pen ( for example) , this kind of monitoring is what should be used as first line DLP and network protection as a 2nd line defence. Any thoughts on this? 2009/10/23 Ron Gula <rgula at tenablesecurity.com>:
I think it is one thing to talk about bypassing Vontu. How about spoofing sensitive email to frame your buddy or coworker into loosing their job? A lot of corporations use DLP products and these are often run by their legal/compliance teams. -- Ron Gula, CEO Tenable Network Security _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- No subject (Aug 04)
- <Possible follow-ups>
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
- No subject (Aug 04)
(Thread continues...)