Blog

UPDATED Easing the Compliance Burden :: Sagan & PCI Compliance (version 2 - new requirements)

Article published/updated by: Drew Brunson, Senior Information Security Consultant, Quadrant Information Security

Difficulty achieving compliance with the Payment Card Industry Data Security Standard, the PCI DSS, sometimes can seem to spring from parts of the standard that seem fairly simple at first reading.

The requirement to track and...
Continue Reading

What the Sagan Log Analysis Engine Is…and What It Is Not.

Article by Champ Clark III.

With so many log analysis tools out there, we sometimes see strange comparisons between the Sagan log analysis engine and unrelated tools. For example, people often ask how Sagan compares to Splunk.  In our opinion, these are two different tools with two different jobs.

For one, the...
Continue Reading

Release of the APT Deflector (Patent Pending): True Quality Context, Threat Intelligence Advancement

JACKSONVILLE, Fla., Jul 08, 2016 (BUSINESS WIRE) -- Quadrant Information Security announced at an exclusive event in Jacksonville, Florida last night, the release of the APT Deflector (patent pending). This intelligent threat intelligence process is a component to our overall Sagan Solution, and our threat intelligence engine, BlueDot.

“We have to stay creative and continue to...
Continue Reading

EVENT :: THE RELEASE OF OUR APT DEFLECTOR (patent pending) Thursday, July 7, 2016 from 5-8p

An Evening of Cocktails & Cutting Edge Threat Intelligence Technology

WHAT: The release of our APT Deflector (patent pending) and how it will become a cutting edge component to our overall Sagan Solution and our intelligent threat intelligence, BlueDot!  This presentation will encompass the need for context and data quality in threat intelligence processes, and how the...
Continue Reading

This article should scare the S#!+$ out of you :: Hack Back DIY

All the more reason for 24/7/365 monitoring.  Read the full article: Hack Back DIY.

Continue Reading

Easing the Compliance Burden :: Sagan Technology & PCI Compliance

Article published by: Drew Brunson, Senior Information Security Consultant, Quadrant Information Security

For anyone tasked to ensure compliance with the 12 requirements contained in the Payment Card Industry Data Security Standard (PCI DSS), one requirement often causes unexpected difficulty, if only because of the variety of systems involved.

Requirement 10 of the...
Continue Reading

JunOS/ScreenOS Vulnerability Helps to Emphasize the Importance of Remote Log Storage

Article written by: Adam Hall - 

2015-12-17 09:00:00 system warn 00515 Admin user username1 has logged on via SSH from

2015-12-17 09:00:00 system warn 00528 SSH: Password authentication successful for admin user ‘username1’ at host

According to the above log, user ‘username1’ has logged into a...
Continue Reading

Playing the Wrong Game – External Cyber Intelligence Feeds

Article by: Robert Nunley, Senior Security Analyst

Pawn moves.  Pawn moves.  Knight moves.  Bishop takes knight.

OR

White pawn to king’s bishop 3.  Black pawn to king’s 3.  White knight to queen’s rook 3.  King’s bishop takes white knight at...
Continue Reading

Understanding and Preventing Point of Sale Attacks

Blog article featured on the Palo Alto Networks website.

POSTED BY: Josh Grunzweig on October 28, 2015 1:00 PM

In recent years, there have been a number of high-profile stories involving the compromise of point of sale (PoS) devices. My research often involves deep reverse engineering and analysis of various malware families targeting PoS...
Continue Reading

Sagan 1.0.0 (open source) log analysis engine released!

In June 2010, we completed initial work on Sagan 0.0.1 which was a very basic outline of what we thought a real-time log analysis engine should be. Historically, people treated logs as an archive of only the past activities, and in 2010, many solutions for “log analysis” were based on command line tools and concepts like grep. ...
Continue Reading