Saturday, March 24, 2012

Status - Red Sky Alliance

Good morning all! It's Saturday morning and I've had an incredible week at the Honeynet Project Annual Workshop. This years event was held at Facebook out in Menlo Park. Nice. Even during travel, startups don't stop. It's been busy!

So here are this weeks updates to Red Sky Alliance:
  • We've added new member! We're up to eight now, we more requesting our presentation and demo every week. This is great news!
  • Hacked! This week our external facing website was hit with an iFrame redirect attack. We knew it would happen, and it did. The website was back online quickly, although the original sits on a machine in MD. We posted a one page marker until I get back tomorrow and upload the original. 
  • Success! New malware was posted to the site by one of the members. Within an hour, two others posted analysis. One of them was Norman, using their new G2 Malware Analyzer. In both pieces of analysis, the submitting member was immediately given four new pieces of information which allowed them to block C2, and then do incident response. 
  • Upcoming "Threat Day": Preparing to host a "Threat Day" on April 11th at Defense Group's Vienna facility. No vendors allowed; only members and presenters. This should be a great day. Doing happy hour at the Army Navy Club the night before.
  • Our Norman G2 suite has shipped! We'll be online soon. Einar is hiring 15 new analysts/engineers and they're gearing up to support Red Sky Alliance. This is going to be a great partnership!
We've also posted a 'launch' site. We've only been online since mid-February (if you can believe it!). We've received a number of emails asking for more information, and I'm finding it easy to lose track and make sure everyone gets answered. To make sure I'm not dropping anyone through the cracks, I've added  launch.redskyalliance.org to allow folks to sign on if they've got interest. I'm hoping it'll help with my organizational skills!

That's it for now.
Have a great week!
Jeff
Post a Comment