214 research outputs found
An anti-malware product test orchestration solution for multiple pluggable environments
The term automation gets thrown around a lot these days in the software industry. However, the recent change in test automation in the software engineering process is driven by multiple factors, such as environmental factors, both external and internal, as well as industry-driven factors. Simply put, what we all understand by automation is the use of some technologies to operate a task. The choice of the right tools, be they in-house or third-party software, can increase the effectiveness, efficiency and coverage of security product testing.
Often, test environments are maintained at various stages in the testing process. Developer’s test, dedicated test, integration test and pre-production or business readiness test are some common phrases in software testing. On the other hand, abstraction is often included between different architectural layers, ever-changing providers of virtualization platforms such as VMware, OpenStack and AWS as test execution environments, and many others with a different state of maintainability. As there is an obvious mismatch in configuration between development, testing and production environments, the software testing process is often slow and tedious for many organizations due to the lack of collaboration between IT Operations and Software Development teams. Because of this, identifying and addressing test environment-related compatibility becomes a major concern for QA teams.
In this context, this thesis presents a DevOps approach and implementation method for an automated test execution solution named OneTA that can interact with multiple test environments, including isolated malware test environments. The study was performed to identify a common way of preparing test environments in in-house and publicly available virtualization platforms where distributed tests can run on a regular basis. The current solution allows security product testing in multiple pluggable environments in a single setup, utilizing modern DevOps practice to achieve this with minimum effort.
This thesis project was carried out in collaboration with F-Secure, a leading cyber security company in Finland. The project deals with the company’s internal environments for test execution. It explores the available infrastructures so that the software development team can use this solution as a test execution tool
HANDLING CYBERSECURITY RELATED INCIDENTS IN THE SECURITY OPERATION CENTER OF THE POLYTECHNIC OF LEIRIA
In the present day, IT systems are an integral part of most organizations, and
play a huge role in their success. With the necessity to connect these systems to
the internet to further amplify their benefits and possibilities, comes the issue of
cybersecurity. Allied to the importance of these systems for the organizations, comes
the interest of attackers in disrupting these same services. When the amount of
cyberattacks occurring everyday is taken into consideration, and how these might
impact organizations, this issue becomes one of the greatest challenges they have to
deal with.
The problem that this project deals with is fundamentally connected with this
issue. With the variety of attacks currently circulating, Security Operations
Centers (SOCs) rely on many different software tools to monitor their systems, which in
turn create too much information to be handled individually by security analysts.
In this project this issue was analyzed, as well as how it can be handled, as the main
objective of this project is to find a solution for the SOC of the Instituto Politécnico
de Leiria (IPLeiria) which is facing this very same issue. The proposed solution to
this problem is through Security Orchestration, Automation and Response (SOAR).
SOAR encompasses different concepts that help in creating effective and efficient
routines to handle the incidents that a SOC faces on a daily basis.
To tackle this problem in the case of the IPLeiria SOC, the solution found relied on
the use of a SOAR platform or software. To this end, the different solutions available
were analysed, including free and paid software. The choice came down to using a
free software called Shuffle in conjunction with TheHive, the case management
platform already in use in the IPLeiria SOC.
With these two tools, different playbooks were developed to handle the most
prominent type of incidents the SOC faces
Finding Health & Safety Buried Treasure with AI
Presentation. The challenge to glean understanding and insight from an array of historical safety-related reports and observations has existed since the dawn of the HSE discipline. While most organizations today use traditional methods to analyze past events and activities along structured elements (time, place, risk rating and so on), a vast amount of wisdom around hazard identification, root causes and risk control measures remains buried in textual descriptions and reports, and teachable moments become lessons lost. The hands and minds that developed these textual artifacts may be among the most seasoned in the organization, bringing years of experience to bear on the issues and opportunities involved. Such artifacts are then clearly buried treasure. Exploring and surfacing the insights contained in artifact repositories calls for new tools. Using these, a new type of H&S performance indicator could emerge: latent indicators, lying concealed within the written record, offering as much or more value as the leading and lagging indicators used today. This paper describes leveraging the power of artificial intelligence (AI) to absorb large amounts of safety-related textual information, find common themes and identify similar events, which are then analyzed for patterns in causes and controls. This solution, used in concert with traditional analytics, offers unprecedented power to comprehend and visualize collective safety knowledge from historical record. Transforming words to wisdom in this manner not only illuminates the past but also provides a basis for actioning improvements in operational excellence
Trusted CI SLATE Engagement
Final report of the Trusted CI SLATE Engagement. NSF #1547272 NSF #1724821 Ope
10 steps to a digital practice in the cloud : new levels of CPA firm workflow efficiency
FROM OVERWHELMED TO OVERCOMING: DEVELOPING A PRE-INGEST PROCESSING MANUAL FOR BORN DIGITAL CONTENT
This paper discusses the challenges of implementing the Open Archival Information System (OAIS) reference model for born-digital materials in digital preservation. Although the OAIS model has been globally recognized for its universal terminologies and conceptual standards, it offers little guidance in terms of tangible implementation. Consequently, archivists have created various methods and tools for OAIS-compliant digital archival preservation workflows. This paper presents a project at Duke University Medical Center Archives, which aims to enhance the repository’s current Electronic Records Processing Guide using the digital materials from two recent accessions. The revised guide will be tested and developed, utilizing open-source digital forensic tools to process electronic records for ingest into the repository’s OAIS-compliant integrated archives management system. The outcomes of this project will provide increased stability and efficiency in processing a larger volume of digital materials. Master of Science in Library Scienc
Cybersecurity: Past, Present and Future
The digital transformation has created a new digital space known as
cyberspace. This new cyberspace has improved the workings of businesses,
organizations, governments, society as a whole, and day to day life of an
individual. With these improvements come new challenges, and one of the main
challenges is security. The security of the new cyberspace is called
cybersecurity. Cyberspace has created new technologies and environments such as
cloud computing, smart devices, IoTs, and several others. To keep pace with
these advancements in cyber technologies there is a need to expand research and
develop new cybersecurity methods and tools to secure these domains and
environments. This book is an effort to introduce the reader to the field of
cybersecurity, highlight current issues and challenges, and provide future
directions to mitigate or resolve them. The main specializations of
cybersecurity covered in this book are software security, hardware security,
the evolution of malware, biometrics, cyber intelligence, and cyber forensics.
We must learn from the past, evolve our present and improve the future. Based
on this objective, the book covers the past, present, and future of these main
specializations of cybersecurity. The book also examines the upcoming areas of
research in cyber intelligence, such as hybrid augmented and explainable
artificial intelligence (AI). Human and AI collaboration can significantly
increase the performance of a cybersecurity system. Interpreting and explaining
machine learning models, i.e., explainable AI, is an emerging field of study and
has a lot of potential to improve the role of AI in cybersecurity. Comment: Author's copy of the book published under ISBN: 978-620-4-74421-