Intrusion Detection and Prevention

EDUCAUSE Library Items for Intrusion Detection and Prevention

Spear Phishing: Novel Techniques for Detection and Prevention

April 17, 2013

Spear phishing is one of the most serious class of threats that IT security struggles with. While spear phishing attacks are seemingly straightforward, the variability of delivery and infection of …

Cybercrime Threats: How Criminals Bypass Security Measures to Steal Your Sensitive Data and Money and Ruin Your Reputation

May 16, 2012 | A session at the Security Professionals Conference 2012

Data breaches and credential/PII theft incidents are becoming more prevalent, and recent red flag rules require heightened data security procedures. Meanwhile, BYOD, social media proliferation, and…

Tools and Methods for Managing Snort Sensors in Distributed Environments

May 16, 2012 | A session at the Security Professionals Conference 2012

Intrusion Detection Systems are a valuable component of a security monitoring program; however, they can be expensive to operate, both in terms of equipment/licensing costs and person hours. By mak…

A Gentle Introduction to Bro

April 4, 2011

For years, organizations with large networks and highly skilled computer security incident response teams have struggled to detect many intruders or even understand their own networks. The tools av…

Raising Awareness of Website Vulnerability: How to Protect Your University's Site from Threats

April 5, 2011 | A session at the Security Professionals Conference 2011

As universities make the complete transition to a web-based interface, they must be aware of the constantly evolving strategies and attacks of hackers looking to exploit vulnerable websites. The im…

The Evolution of SES, REN-ISAC's Security Event System

April 6, 2011 | A session at the Security Professionals Conference 2011

The REN-ISAC has developed and implemented the Security Event System (SES) within the REN-ISAC community. SES facilitates the sharing and correlation of operational threat data among institutions a…

Seminar 01A - Our Shared Risk, Our Shared Responsibility: Learning to Prevent Confidential Data Loss PLEASE NOTE: Separate registration and fee are required to attend this seminar.

April 4, 2011 | A session at the Security Professionals Conference 2011

The information security team at Texas State University has embarked on a strategic initiative to prevent confidential data leakage through a combination of endpoint protection, data loss preventio…

Phishing Technical Controls: Beyond Proofpoint

April 5, 2011 | A session at the Security Professionals Conference 2011

As phish attacks increase in sophistication, a focused technical arsenal to combat them is necessary. We will share an innovative, cost-free preventative control that can identify a phish-related U…

Seminar 02P - Malware Detection and Mitigation with Passive DNS and Blackhole DNS PLEASE NOTE: Separate registration and fee are required to attend this seminar.

April 4, 2011 | A session at the Security Professionals Conference 2011

Modern malware is now highly reliant on DNS systems to coordinate communications between infected clients and controlling servers. This dependency can be exploited to detect and mitigate infections…

Sensitive Data and Public Systems: Free Tools and Tactical Approaches to Reduce Information Exposure Risk

April 5, 2011 | A session at the Security Professionals Conference 2011

The growing number of public-facing university systems also leads to increased risk of potential disclosure of sensitive information. This session will explore pragmatic, technical approaches secur…