Author: admini

“We asked who owns database security, and what we found is that a lot of companies have multiple people involved,” Oltsik says.

According to ESG, the most common stakeholders listed by survey respondents were security administrators, DBAs, and system administrators. But some organizations could have as many as 10 different individuals or functional groups burdened with responsibility for regulatory compliance when it comes to the sensitive information within their databases.

Approximately nine different corporate roles were listed by at least a quarter of respondents as having a say in database security, including the usual suspects along with auditors, compliance departments, and legal staffers.

Unfortunately, with so many stakeholders responsible for securing valuable database information, Oltsik suspects that too many of them believe someone else is taking care of database security — thus leaving no one at the tiller.

“Instead of investing in hardware or software, I would start with the people first,” says Kornbrust, CEO of Red-Database-Security GmbH, a consultancy that specializes in securing Oracle databases.

This could start by testing out cooperation with the hardening of just a few databases.

http://www.darkreading.com/database_security/security/app-security/showArticle.jhtml?articleID=224201189&cid=RSSfeed

In addition to the FAA’s own cybersecurity efforts, the FAA’s security operations center manages cybersecurity for the rest of the Department of Transporation as well as for parts of the Department of Energy and the Department of Commerce, and Brown expects the amount of cybersecurity information being fed to the FAA’s analysts only to grow with time.

According to IBM, the effort will work by first establishing certain baselines in order to be able to identify anomalous traffic, and then use those baselines to detect the presence of possible attackers in real-time and even to perform predictive analytics to anticipate what hackers who have infiltrated a system might do next in order to cut them off at the pass before they’re able to do real damage.

InfoSphere Streams is able to digest heavy streams of low-level data in multiple formats simultaneously, analyze them with pre-processing, and adjust to tweaks in algorithms and analytical models on the fly.

http://www.darkreading.com/vulnerability_management/security/perimeter/showArticle.jhtml?articleID=224200806&cid=RSSfeed

Cross Product
Blackthorn2
For forensics acquisition, examination and analysis platform for various platforms including Garmin, TomTom, and Magellan:
I like this product since it provides forensic quality data (including hashes).
Pricing: Being requested.

Device Seizure
• GPS Waypoints, Tracks, Routes…
Price: USD 199 per license

TomTom Specific

TomTology
Decoding of live data providing:
  Home Location
  Favourites
  Recent Destinations
  Last Journey Start and End Point (where available)
  Stored Phonebook
  Called Phone Numbers
  Received Phone Numbers
  Sent SMS Messages
  Received SMS Messages
  Location where TomTom was turned off

• Retrieving of deleted journeys from unallocated space proving same details as above for all recovered.

• Locating deleted phone numbers

• Locating deleted SMS Messages

Price: USD 250 per license

XACT
Retrieves location data.

Pricing: Being requested.

Not tools but useful pages of info:
Tom Tom GPS Forensics
Pinpointing TomTom location records: A forensic analysis