Archive | 2018

AlienVault OSSIM SSH Access

Today I was troubleshooting an issue and found something absolutely maddening on the default build of AlienVault’s OSSIM server. The SSH server doesn’t start up until VERY late in the boot process. lrwxrwxrwx 1 root root 27 Jun 22 2017 S01alienvault-depmod -> ../init.d/alienvault-depmod lrwxrwxrwx 1 root root 17 Jun 22 2017 S01mongodb -> ../init.d/mongodb lrwxrwxrwx […]

Vulnerability disclosure – did we get it right with Meltdown and Spectre?

Today Rendition Infosec is releasing a blog post that we started writing more than a month ago. Why now? The dust has settled, that’s why. Prior to the dust settling on Meltdown and Spectre, we think this very important conversation would have been lost in the noise. In light of these vulnerabilities, we think it […]

Top three considerations when limiting local administrator rights

Ideally we would always remove administrator rights from all users. But in the real world, we unfortunately must deal with years of technical debt and poor architecture decisions that make the complete elimination of administrator rights difficult (or financially non-viable) for many organizations. So when faced with the task of prioritizing the removal of admin […]