List: isn
Subject: [ISN] GAO: Early look at fed's 'Einstein 3' security weapon
From: InfoSec News <alerts () infosecnews ! org>
Date: 2015-07-10 7:06:28
Message-ID: alpine.DEB.2.02.1507100706120.5153 () infosecnews ! org

http://www.networkworld.com/article/2946040/security0/gao-early-look-at-feds-einstein-3-security-weapon-finds-challenges.html

By Michael Cooney
Network World
July 9, 2015

When it comes to the government protecting all manner of state and
personal information, the feds can use all the help they can get.

One of the most effective tools the government has is the National
Cybersecurity Protection System (NCPS), known as "EINSTEIN." In a nutshell,
EINSTEIN is a suite of technologies intended to detect and prevent
malicious network traffic from entering and exiting federal civilian
government networks.

The Government Accountability Office has been tracking EINSTEIN's
implementation since about 2010 and will later this year issue an update
on the status of the system. But this week, it included some details of
its report in an update on the state of federal security systems, and all
is not well.

Preliminary EINSTEIN observations from the GAO:

• The Department of Homeland Security [which administers EINSTEIN] appears
to have developed and deployed aspects of the intrusion detection and
intrusion prevention capabilities, but potential weaknesses may limit
their ability to detect and prevent computer intrusions. For example, NCPS
detects signature anomalies using only one of three detection
methodologies identified by NIST: signature-based, anomaly-based, and
stateful protocol analysis. Further, the system has the ability to prevent
intrusions, but is currently only able to proactively mitigate threats
across a limited subset of network traffic (i.e., Domain Name System
traffic and e-mail).

[...]