Using File Monitoring to Limit Admin Rights

James TaralaAdmin Rights, Critical Security Controls, Tools

locks

Over the past few weeks we have been posting blogs about the importance of limiting user account rights to only what is necessary for someone to do their job. Users should have all the rights necessary to do their job, but nothing less and certainly not any more. This includes local administrator rights. Only the people that absolutely need those … Read More

Limiting Windows Local Administrator Rights

James Tarala20 Critical Controls, Admin Rights

lock

One of the common issues we run into during security assessments and incident response cases is the issue of users being assigned too many permissions on their local computer. For the sake of convenience and expediency, end users often demand that they be assigned local administrator rights. These users, often in an agitated and exaggerated manner, explain to their bosses … Read More

The Digital Security Poverty Line

James TaralaAssurance, Governance, Metrics

keys

Like many information security practitioners, this week marks the return to the office and reflection after attending the annual RSA Conference in San Francisco. Every year there are interesting speakers, some better than others, crazy parties, and a vendor show the size of a small city. And every year I admit I get a little contemplative at the end of … Read More

Community PowerShell Security Audit Scripts

James TaralaScripting, Tools, Windows Auditing

powershell

Back in December we posted a couple scripts that fellow auditors had pointed out to us that helped auditors dump Microsoft Windows file permissions to a CSV file for easier auditing. As a result of that post we’ve had feedback from a number of people that it would be helpful to see more of these scripts and even some suggestions … Read More

Community PowerShell File Permission Audit Scripts

James TaralaScripting, Windows Auditing

powershell

Often times as we talk with auditors or students in our classes audit scripts are brought to our attention that might be useful to people performing audits of various technical systems. Sometimes we write helpful scripts and when we do we’ll post them here for you to review. But sometimes we find the scripts and want to make you aware … Read More

Sensors for the Critical Security Controls

James TaralaCritical Security Controls, Tools

graphs

Most people in information security have heard of the Critical Security Controls these days. The idea of a community risk assessment project that helps all prioritize our information security efforts is appealing to most of us. The sticking question everyone always comes back to though is “how do I start implementing an information security plan using the controls?” There are … Read More

Critical Security Controls Maturity Model

James TaralaCritical Security Controls, Metrics

graphs

One of the projects that we have been thoroughly engaged on at AuditScripts.com has been to work with the Council on Cybersecurity on the Critical Security Controls project. If you haven’t had a chance to see the project, I would strongly recommend that you take a look. The full text can be most easily found at the SANS Institute at … Read More

Critical Security Control Whitepapers

James TaralaCritical Security Controls

graphs

In some of our training we’ve mentioned to people that we’ve published a number a whitepapers on the Critical Security Controls in conjunction with the SANS Institute and various other vendors. Unfortunately we’ve also discovered that many of these whitepapers can be difficult to locate on the SANS Institute’s website. So we wanted to compile a list of some of … Read More