Ultimate Windows Security Newsletter:

Issue #47, 06/12/07

This month we get an interesting mix of security patches from Microsoft. None of these are at the “the sky is falling!” level of severity, and all of the patches are workstation/Terminal Server focused; if you are a server-only admin you can probably relax, provided you don’t engage in end-user activities such as web browsing or working with documents or email while logged on at the server. I think you are prudent to conduct full testing before any deployment. Several of the patches might be altogether avoidable depending on your environment, including MS07-034 (Windows Mail and Outlook Express) as well as MS07-032 (a Windows Vista-only patch). Exploit details are public for 2 of the bulletins, but due to other mitigating factors noted in the chart below I’m not recommending accelerated testing.


(The 2000, XP, 2003 and Vista/2007 columns show which Windows or Office versions are vulnerable.)

| KB # | Exploit type | Product | Principal type of systems exposed | Exploit details public? / Being exploited? | Comprehensive, practical workaround available? | MS severity rating | 2000 | XP | 2003 | Vista / 2007 | Notes | Randy’s recommendation |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| MS07-031 - 935840 | Arbitrary code | Windows | Workstations & Terminal Servers | No/No | No | Critical | Denial of Service only | YES | Denial of Service only | No | Most likely, even on XP, to cause denial of service instead of arbitrary code execution | Patch after testing |
| MS07-033 - 933566 | Arbitrary code | Internet Explorer | Workstations & Terminal Servers | Yes/No | No | Critical | Yes | Yes | Yes | Yes | 6 different vulnerabilities; only one is public and its risk is limited to spoofed web pages | Patch after testing |
| MS07-034 - 929123 | Arbitrary code | Outlook Express and Windows Mail | Workstations & Terminal Servers | Yes/No | Mixed | Critical | No | Yes - Important | Yes - Moderate | Yes - Critical | 4 different vulnerabilities with varying severity depending on OS | Patch after testing or prevent users from using Windows Mail and Outlook Express |
| MS07-035 - 935839 | Arbitrary code | Windows | Workstations & Terminal Servers | No/No | Yes | Critical | Yes | Yes | Yes | No | | Patch after testing unless exploit details become public, then patch ASAP |
| MS07-030 - 927051 | Arbitrary code | Visio | Workstations & Terminal Servers | No/No | No | Important | ? | Yes | Yes | No | | Patch after testing unless exploit details become public, then patch ASAP, or block Visio files at the perimeter |
| MS07-032 - 931213 | Information disclosure | Windows Vista | Workstations | No/No | No | Moderate | No | No | No | Yes | Mostly an issue for shared workstations or environments where end-users lack administrator authority on their workstations | Patch after testing if an issue for your environment |
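One way to turn the chart into a quick per-machine check, as an added example that is not part of the newsletter: it reads the installed hotfix list through WMI and reports which of this month’s Windows-side KBs are missing, scoped to the OS versions the chart marks as vulnerable. The bulletin list and the version-to-OS mapping are taken from the chart; the Visio bulletin (MS07-030) is left out because Office patches do not appear in Win32_QuickFixEngineering.

```powershell
# Bulletins from this issue's chart. Applies uses Windows version numbers:
# 5.0 = Windows 2000, 5.1 = XP, 5.2 = Server 2003, 6.0 = Vista.
$bulletins = @(
    @{ Bulletin='MS07-031'; KB='KB935840'; Applies=@('5.0','5.1','5.2');       Note='DoS only except on XP' },
    @{ Bulletin='MS07-033'; KB='KB933566'; Applies=@('5.0','5.1','5.2','6.0'); Note='Internet Explorer' },
    @{ Bulletin='MS07-034'; KB='KB929123'; Applies=@('5.1','5.2','6.0');       Note='Outlook Express / Windows Mail' },
    @{ Bulletin='MS07-035'; KB='KB935839'; Applies=@('5.0','5.1','5.2');       Note='workaround available per chart' },
    @{ Bulletin='MS07-032'; KB='KB931213'; Applies=@('6.0');                   Note='Vista only, information disclosure' }
)

# Local OS version, reduced to major.minor so it matches the Applies lists.
$os    = Get-WmiObject Win32_OperatingSystem
$parts = $os.Version.Split('.')
$osVer = $parts[0] + '.' + $parts[1]

# Installed hotfixes as reported by WMI (HotFixID values look like "KB935840").
$installed = Get-WmiObject Win32_QuickFixEngineering | ForEach-Object { $_.HotFixID }

foreach ($b in $bulletins) {
    if ($b.Applies -notcontains $osVer) {
        Write-Host ("{0}: not applicable to {1} (version {2})" -f $b.Bulletin, $os.Caption, $osVer)
        continue
    }
    if ($installed -contains $b.KB) {
        Write-Host ("{0}: {1} installed" -f $b.Bulletin, $b.KB)
    } else {
        Write-Warning ("{0}: {1} MISSING - {2}" -f $b.Bulletin, $b.KB, $b.Note)
    }
}
```

Windows XP x64 reports version 5.2 and is therefore treated like Server 2003 here, and a hotfix that is installed but not yet registered in WMI (reboot pending) will show as missing.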

Later this month I’m presenting a special training webinar on PCI compliance and how to automate a large portion of the activities associated with PCI DSS.

Exploiting Log Management and Vulnerability Scanning to Comply with PCI DSS

If your company accepts credit cards, you are affected by the Payment Card Industry’s Data Security Standard. Do you have a handle on the most laborious activities required by PCI DSS? PCI requires you to “Track and monitor all access to network resources and cardholder data.” In this webinar, commissioned by GFI Events Manager and LANGuard, Randy Franklin Smith will provide an overview of PCI DSS’s 12 requirements and then dive into the details of Requirements 10 and 11. While discussing Requirement 10 (Track and monitor all access to network resources and cardholder data), you will identify the key log sources you need to monitor in a Windows-centric network. Randy will then discuss Requirement 11 (Regularly test security systems and processes) and identify opportunities to automate these quarterly tests. You will also learn how an effective log management reporting tool can help you comply with 3 other PCI DSS requirements. Then ??? from GFI will demonstrate how GFI has designed Events Manager to collect these varied log files into a central database for easy monitoring and tracking. You’ll learn about Events Manager’s agentless architecture and determine if it’s right for you, and you’ll take home key compliance points from Randy Franklin Smith that you can use no matter what log management solution you use. You will also learn about GFI’s network vulnerability scanner, LANGuard, and how GFI has updated both tools with specific features to facilitate PCI compliance.
