Designing and implementing an IDS is not a trivial task, considering the numerous choices one faces during the process. Such systems require specialists who have a good overview of the entire application domain and know how to configure each piece properly.

Not all business systems are created equal. Each is unique and has different security needs. Maybe that’s why there are so many types of intrusion detection system (IDS), including:

• Host based
• Application/stack based
• Cloud based
• Rule based
• Signature based
• Perimeter based
• Anomaly based
• Virtual machine based
• Hybrid IDS — a combination of two or more of these…

Where to place an intrusion detection system (IDS) is an important first question, but it’s far from the last decision you’ll make as you work to protect your enterprise from zero-day attacks like SolarWinds.

Once you’ve selected a location — on the network, on your devices, or, at a more granular level, on your applications — you must next choose which kind of detection your IDS will use. What kinds of information should your IDS monitor?

One popular type of IDS is rule-based, which means the system identifies intruders based on rules that someone has written. Blacklisting is an example…

The recent zero-day attacks on SolarWinds and more than 100 other businesses and nine government agencies spell it out as never before: every enterprise needs an intelligent, application-based intrusion detection system (IDS).

This valuable cybersecurity tool can prevent intruders from lurking in your system for days, weeks, or even months to collect valuable data and infiltrate your networks.

IDS can often identify rogue outbound traffic such as a malware-infected endpoint communicating with a command-and-control botnet server. Using an IDS can make it easier to find the compromised device and block the suspicious signals.

So — why isn’t everyone already using…

A doll that understands what children say and responds to them seemed, in 2015, like a great idea — unless you were a security analyst.

Unfortunately for Mattel, security analysts seem to have been left out of the conversation until the toymaker’s “Hello Barbie” had debuted on the market; security and privacy advocates had protested in the media; and the company’s reputation had taken a major hit.

More recently, the video conferencing app Zoom had security issues, and had to pay a settlement to the U.S. Federal Trade Commission. …

There’s an app for everything, and hackers and thieves are taking advantage. What are enterprises doing about it? Not enough.

Web and mobile application use has exploded in recent years as businesses have digitized and moved more of their operations to the cloud, and as the number of mobile devices has proliferated. Application breaches have increased commensurately, and show no signs of slowing — unless developers change the way they build and secure these apps.

Everyone, it seems, has at least one smartphone, but we don’t spend much time talking on them. The 3+ billion smartphone users worldwide downloaded more…

The cloud computing paradigm has gained increasing attention from both industry and academia due to its almost-unlimited scaling potential through a lean and dynamic utilization of resources (ISC² Cloud Security Report, 2020). As identified by the National Institute of Standards and Technology (NIST), cloud computing possesses the following essential characteristics:

1. Broad network access

2. Rapid elasticity

3. Measured service

4. On-demand self-service

5. Resource pooling.

NIST also specifies three service models, [1] Software as a Service (SaaS), [2] Platform as a Service (PaaS) and [3] Infrastructure as a Service (IaaS), and four general deployment models, [a] public cloud, [b]…


We help companies develop secure products
