Despite the storm, it was very busy in the portal this week. Red Sky staff and member analysts participated in crowd-sourcing various targeted malware. We also posted relevant details on two ongoing large-scale Blackhole campaigns which were sourced by our Beadwindow members and are now being corroborated by the private member analysts. Fusion Report 29 will hit the press this weekend and describe a highly targeted incident which leveraged a backdoor that was specifically tailored for the target environment. The malware is not a known variant so the report will include a detailed analysis for future mitigation and correlation.
Beyond that, membership continues to grow! We picked up four new global members this week: a gas and oil company, a large player in the networking community, a new financial institution, and another global internet provider! Data is moving nicely as we round out the last quarter of our first year in operation.
We’re in planning mode for 2013. Membership projections are looking good. We've got bookings already staged for next year, and we're looking for member feedback on several new features that might include full mobile access, real-time encrypted communications, unified messaging, and semi-automated analytics to help reduce some of the manual burden of farming, correlation, and repetitive tasks.
Last, but certainly not least, our intern is preparing to fly the coop. He’s our first, and has ranked out in the top 10% of our peer-reviewed analysts since starting with us in March. As a result, he’s currently listed as provisionally “Red Sky Certified” (RSc)*, and will qualify for one year certification in March if he sticks around that long. He graduates in December, and as promised, we’ve referred him into two member companies. To make sure we align with his long-term goals, we also introduced him into a third, non-member company. I’ll let you know where he finally lands, but this is very exciting. We’ve narrowed down next year’s crop of interns to four, and will be working them through a filtering process over the next couple of weeks. Interested in learning cyber analytics in the APT space? Drop our Academic Director a note.
Until next week!
Have a great weekend!
Jeff
* Red Sky certified (RSc) is granted provisionally after two quarters of ranking in the top 10% of all peer-reviewed analysts in Red Sky. Four consecutive quarters of top 10% peer reviews earns one year of Red Sky Certification. Three years certified makes it permanent.
For those of you who know me, Henry was my basset hound, and the fictitious name used during (ahem) special research. I'm a former intelligence officer, a professional analyst, CEO of a Managed Security Service, and a blogger since 2004 writing about my experiences on the journey: information security, cyber intelligence, education, thoughts. Some love my writing, others hate it. If you like it, follow me!
Saturday, November 03, 2012
Thursday, November 01, 2012
Beadwindow is growing!
We kicked off our "Beadwindow" portal a couple of months ago with the idea that we could give government participants a place to quietly share notes with the private sector companies in the Red Sky Alliance. While participation isn't as strong as we see on the Red Sky private portal, we are seeing growth as a result of a couple of new features:
- Beadwindow users enjoy access to our Malware Analyzer: Imagine working in an information security shop and not having access to a malware analyzer! One of our top community analysts has probably pushed 150 malware samples through our MAG2, and tells us it saves him a ton of time every day. In an average processing time of less than a minute, he learns which code, URLs, or documents are bad, and if so, how he can block the C2 before losing any more data. He then takes the analysis from our analyzer and starts looking for other instances of the same code in his network. That's a 59-second average triage malware analysis time, with expert assistance from our back-end team if needed. Where else can he go to get that?
- Cross-portal communications: As of today, Beadwindow users can tag a question to be posted to the Red Sky private portal. This is especially useful when comparing notes between the two. We've had a couple of cases, even in this short period of time, where activities in one also targeted folks in the other. The benefits have been incredible. A direct result of this is that two new Red Sky private portal users have requested (and were given) accounts on the Beadwindow portal.
- Beadwindow users get the same direct access to Red Sky analysts as the private portal. This means full-length unclassified Fusion Reports based on actual cases you're talking about in the portal, with easy-to-use, high-confidence actionable indicators that can be cut and pasted directly into your own sensors.
Last, looking for training? Are you an analyst with training in another discipline who's just jonesing to get into cyber but can't seem to catch a break? We've got three interns signed up for 2013 and one more possibly on the way, but we're always looking for wounded warriors or other folks who might have crazy m4d research, analytic and writing skills but need to be taught cyber. Red Sky and Beadwindow are now offering a training program for those who are willing to commit and study hard. Once completed, if you do well, we'll introduce you to our membership for your next job. Our first Intern is going through the process as we speak. Interested? Drop me a note or contact our Director of Academic Services directly.
Jeff