Friday, October 27, 2006

Response to Daily Dave Thread

I don't subscribe to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Daily Dave (Aitel) mailing list, but I do keep a link to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 archives on my interests page. Some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 offensive security world's superstars hang out on that list, so it makes for good reading.

The offensive side really made an appearance with yesterday's thread, where Dave's "lots of monkeys staring at a screen....security?" thread says:

My feeling is that IDS is 1980's technology and doesn't work anymore. This makes Sourcefire and Counterpane valuable because cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y let people fill cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 checkbox at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lowest possible cost, but if it's free for all IBM customers to throw an IDS in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mix cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 price of that checkbox is going to get driven down as well.

First, it's kind of neat to see anyone speaking about "IDS" instead of "IPS" here. I think this reflects Dave's background working for everyone's favorite three letter agency. The spooks and .mil types (like me) tend to be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last people to even think about detection cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se days.

Second, it seems to be popular to think of "IDS" as strictly a signature-based technology, as Gadi Evron believes:

IDS devices are signature based and try to detect bad behaviour using, erm, a sniffer or equivalent.

That's hasn't been true for a while, even if you're talking about Snort. Sure, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are tons of signatures, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y're certainly not just for content matching. If you're thinking about Bro, signatures aren't really even cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 main issue -- protocol anomaly detection is.

Python demigod Dave posts anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r message that is a little worrisome:

Making IDS part of a defense in depth strategy is giving it some credit for actually providing defense, which it doesn't do. The people who win cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IDS game are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 people who spend cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 least money on it. This is why security outsourcing makes money - it's just as worthless as maintaining cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IDS yourself, but it costs less. Likewise, Snort is a great IDS solution because it does nothing but it does it cheaper.

The technology curve is towards complex, encrypted, asynchronous protocols. The furcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r into time you look, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 worse cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 chances are that sniffing traffic is an answer to anything.

The market is slowly realizing this technology's time has past, but in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 meantime lots of people are making giant bus-loads of cash. Good for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m. But IDS technology isn't relevant to a security discussion in this day and age and it's not going to be anytime soon.


I will agree that many commercial managed security monitoring services are worthless, to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 extent that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are ticket- and malware-oriented. However, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 idea that Snort "does nothing" is just wrong. Hopefully Dave is just being inflammatory to spur discussion. Sure, Snort is not going to detect an arbitrary outbound encrypted covert channel using port 443. That doesn't mean Snort isn't useful for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hundreds of ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r attack patterns still seen in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 wild.

Since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 majority of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 posters to this thread are offensive, I doubt cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y have read any of my books. For example, reverse engineering guru Halvar Flake follows up with this insight:

I still agree with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 concept of replacing an IDS with just a large quantity of tapes on which to archive all traffic. IDSs will never alert you to an attack-in-progress, and by just dumping everything onto a disk somewhere you can at least do a halfways-decent forensics job cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365reafter. Since everybody and his dog is doing cryptoshellcode cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se days you won't be all-knowing, but at least you should be able to properly identify which machine got owned first.

Welcome to network security monitoring, albeit at least a decade late. The fact that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 criminal underground is using covert and encrypted channels now doesn't mean cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y weren't used 10 plus years ago, when smart people in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 spook and .mil worlds needed a way to gain some sort of awareness of network activities by more dangerous adversaries.

Most respected IDS old-school critic Tom Ptacek isn't convinced:

I am waiting for someone to tell me cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 story about how an IDS saved cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir bacon. I'm not interested in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 story about how it found cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 guy with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 spyware infection or cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bot installation; secops teams find those things all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir firewall logs and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y don't
freak out about it when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y do.


The last times I manned a console full-time as a "SOC monkey," for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Air Force in 1998-2001 and at Ball Aerospace in 2001-2002, we found intrusions all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time. I expect several people in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 #snort-gui channel where I idle on irc.freenode.net also have stories to share. I'll have more to say on this later.

Tom continues:

This "signature" vs. "real intrusion detection" thing is a big red herring. Intrusion detection has been an active field of research for over 15 years now and apart from Tripwire I can't point to anything operationally valuable it has produced.

This sounds like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "Snort is worthless" argument Dave proposed. Finally:

Halvar, when you figure out how to parallelize enough striped tape I/O to keep up with a gigE connection, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n, Halvar, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n I will respect you.

This is anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r common argument. Most every detection critic argues cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir pipes are too big to do any useful full content collection. Let's just say that is not a problem for everyone. Many, many organizations connect to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet using OC-3s (155 MBps), fractional OC-3s, T-3s (45 Mbps) and below. Full content collection, especially at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 frac OC-3 (say 60 Mbps) and lower, is no problem -- even for commodity hardware, if you use Intel NICs, a solid OS, and fast, large hard drives. Even if you drop some small percentage of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 traffic, so what? What are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 odds that you drop everything that is relevant to your investigation, all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time?

What if your pipes really are too big for full content collection, say in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 core of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network? I would argue that's not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 place to do full content collection, but let's say you are told to "do something" about detection in a high-bandwidth environment. That's where cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r NSM data types come into play -- namely session data and statistical data. Can't save every packet, or you don't want to? Save sessions describing who talked to who, when, using what protocols and services, and how much data was transferred. That is absolute gold for traffic analysis, and it doesn't matter if it's encrypted. At cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 very least you can profile cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 traffic statistically.

The root of this problem with this discussion is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 narrow idea that a magic box can sit on an arbitrary network and tell you when something "bad" happens. That absolutely won't be possible, at least not for every imaginable "bad" case. The "IDS" has been pigeonholed in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same way cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "firewall" has -- as a product and not a real system.

A standard "IDS" isn't an "intrusion detection system" at all; it's an attack indication system. Snort gives you a hint that something bad might be happening. You need cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 rest of your NSM data to determine what is going on. You can also start with non-alert NSM data (as described in this war story) and investigate intrusions.

Similarly, a firewall isn't necessarily stopping attacks; it should be enforcing an access control policy.

A real detection system identifies deviations from policy, and perhaps should be called a network policy violation detector. A real network policy enforcement system prevents policy violations. The point is that neicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r has to be boxed into an appliance and sold as a "NPVD" or "NPES". (As you can see, acronyms which tend to accurately describe a system's functionality are completely marketing-unfriendly.)

I'll conclude by saying that I agree with Dave about "monkeys" staring at screens. Many of those sorts of analysts are not doing NSM-centric work that would truly discover intrusions. Yes, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network is a tough place to detect. However, I've argued before that in an age of ubiquitous kernel-mode rootkits, NSM is needed more than ever. If you can't trust a rootkit-controlled host to tell you what's happening, why would you ignore cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 network? Sure, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 traffic could be covert, encrypted, and so forth, but if cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 pattern of activity isn't normal you can verify that at least something suspicious is happening.

It's time for anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r book.

Thoughts on Sourcefire IPO

In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 spirit of not trying to repeat what everyone else blogs, I'll keep this post on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Sourcefire IPO brief. The must-read post belongs to Mike Rothman -- great work Mike.

I'm excited by this development. I'll probably even buy some Sourcefire stock, just so I can attend cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 shareholders meeting. I've never owned stock in a friend's company, so this would be novel enough to justify cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 purchase.

However, in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 long term I expect Sourcefire to be acquired anyway. I stand by my ideas that all network security functions will collapse to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 switch, something Richard Stiennon called Secure Network Fabric. This means Sourcefire eicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r needs to sell switches that compete with Cisco (unlikely) or be bought by Cisco (possibly) or a Cisco competitor (probably).

Customers are growing increasingly disillusioned with buying more and more point products. If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y simply perceive that existing equipment (switches and routers) can be upgraded to implement new security features, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y'll pursue that path. Alternatively, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y'll include cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new functionality in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next switch/router technology refresh. At cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most I see a "switch plus one" model, where no more than one stand-alone security device will support cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 core switch/router infrastructure. Everything that a switch/router cannot perform, security-wise, will be expected of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "firewall," which Marcus Ranum originally defined as a security system and not simply a product.

At some point a majority of hosts will be virtualized, and many network and host security measures will be performed by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hypervisor anyway.

Wednesday, October 25, 2006

Counterpane Bought: Investors Relax

Eighteen months after MCI bought MSSP NetSec, anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r telecom has bought anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r MSSP. This time, BT bought Counterpane. I guessed that Counterpane was desperate. At least cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 investors who poured four rounds of venture capital into Counterpane can realize some sort of return. The announcement concluded with this statement:

As at 31 December 2004 cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 audited gross assets of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 business were $6.8m.

That doesn't sound very promising.

I expect a good amount of reorganization and removal of personnel. BT will want cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 low-level analysts to stay, but some will probably leave. The middle-managers will want to stay, but BT will send cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m packing. Since Counterpane's brain trust has largely disappeared, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y only need to keep Bruce Schneier as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir "visibility guy" or "mantlepiece."

Good luck to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m -- I imagine cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y will be morphed into protecting BT's cloud.

Update: After reading helpful comments and stories like this, it appears Counterpane's investors took a big loss if cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 company sold for around $40 million. According to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Counterpane series C VC funding press release:

The Goldman Sachs Group, Inc., and Morgan Stanley Dean Witter Private Equity, who all invested furcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r in this round, bringing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 total capital raised by Counterpane to $58 million.

Then add $20 million of series D VC funding and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 total is $78 million. It looks like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "return on investment" I mentioned earlier was very negative.

Finally:

Counterpane will run as a standalone operation until April 2007, before being integrated in to BT's Professional Services organisation.

Tuesday, October 24, 2006

Bejtlich Speaking on Tenable Webinar

Ron Gula of Tenable Security invited me to speak at an upcoming Tenable Webinar. You can register for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 event now. It will take place 1000 ET Friday 17 November 2006. We'll talk about network security problems facing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 enterprise, my favorite security books and resources, and take questions live.

Monday, October 23, 2006

Bejtlich Speaking on Insider Threat

I will participate in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 DE Communications Inside Job Webinar at 1100 ET on Thursday 9 November 2006. I plan to discuss why traditional externally-focused security techniques and tools are not well suited to deterring, detecting, and removing insider threats.

By insider threat I do not mean flawed services on desktops. I mean parties with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 capabilities and intentions to exploit vulnerabilities in assets. I guarantee you will hear me say that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "80%" figure is a myth.

Even though I am appearing with at least one ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r speaker (Jerry Shenk), this is not a debate. It will be a few people discussing an import subject. I have a few ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r Webinars in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 works and all should be free. Please join us if you have cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time and bandwidth.

Update: Here's a press release. I'm glad cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y included this quote:

"Insiders do not account for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mythical 80% of security incidents, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir privileged access allows cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m to inflict devastating harm upon organizations. Security tools and tactics designed to combat cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 traditional external threat will not work as well, or at all, against insiders," commented Mr. Bejtlich.

Right on.

Sunday, October 22, 2006

Pre-Review of Four Books

Several publishers were kind enough to send me review copies of four new books. The first, which I requested, is Cisco Press' Storage Networking Protocol Fundamentals by James Long. I requested a copy of this book while starting to read a book on securing storage area networks and network attached storage. Basically, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book I was reading is a disaster. I decided this new Cisco Press book looked promising, so I plan to read it first and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n turn to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security-specific SAN/NAS book. I'll review cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 two as a set later. Next is Syngress' Hack cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Stack: Using Snort and Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real to Master cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 8 Layers of An Insecure Network by Michael Gregg and friends. This book was interesting to me because I am already teaching TCP/IP Weapons School (TWS), which teachers TCP/IP by examining security-related traffic at various OSI model layers. A quick look at this book makes it seem worth reading, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re is definitely room for a future book based on TWS.

Remember I am teaching days one and two of TWS through USENIX LISA and days three and four independently at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same hotel, after USENIX LISA. See cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 information at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bottom of this post for more details. I am not sure if I will read cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next two books. Prentice Hall shipped me Security in Computing, 4th Ed By Charles P. Pfleeger and Shari Lawrence Pfleeger. I've never read anything by eicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r author. This book looks like a university text, so I may read it in tandem with Matt Bishop's Computer Security: Art and Science in preparation for academic study. The last book is Addison Wesley's Telecommunications Essentials, 2nd Ed by Lillian Goleniewski. I read and reviewed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first edition, which I liked as a thorough review of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 telecom space. This makes me hesitant to devote reading time to this second edition. Amazon.com might let me review it (unlike some ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r later edition books) because I do not see my old review (or any reviews) listed with this new edition.

Right now I am in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 middle of a massive reading push. I have several "free" hours each night between baby feedings, so I am working my way through a pile of books on software security. I haven't read a lot in this area, because I am not a professional programmer. About two years ago I did read, review, and enjoy Building Secure Software by Gary McGraw and John Viega. Thus far, Gary's latest book (Software Security: Building Security In) is my favorite, particularly for its proper use of terms like "threat" and its criticism of those who abuse it (e.g., Microsoft). I'll have far more to say this in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reviews of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se books, probably next week.

Thursday, October 19, 2006

Sign Up for Tenable Webinars

I'm not sure if you're aware of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se, but Ron Gula of Tenable Security is conducting a series of Webinars on a variety of interesting network security topics. I watched Tuesday's edition on vulnerability management.

The Webinars are not a selling vehicle for Tenable products. Instead, Ron explains one or more aspects of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security scene. If you know Ron you recognize he knows network security better than almost anyone out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re. The next Webinar is scheduled for today, and all are free.