All Articles

Digital Edge’s Log Managed Solutions are delivered as a fully managed cloud service. You only need to point your logs to us and we will:

• Aggregate and safely store your logs;
• Give you full visibility into your logs including advanced search and filtering;
• Alert you on required patterns;
• Help you to customize this solution and integrate it with your other systems such as Security Information and Event Management system (SEIM), compliance reporting and others.

To see the architecture click here.

On Tuesday, August 16, Digital Edge passed the International Organization for Standardization’s (ISO) Quality Management Surveillance Audit using the 9001:2008 framework. ISO is an independent, non-governmental international organization with a membership of 163 national standard bodies. ISO is credited for publishing more than 2100 international standards, covering almost every industry, from technology, to food safety, to aviation and healthcare.
 

Digital Edge’s Security Team assists clients with cyber security forensics and often hears the question – “what is the proper way to report to law enforcements?” As a company, we aim to aid our clients in informing them on the right steps to take when dealing with a cyber-incident. There is a growing number of cyber networks that were seriously attacked and this is not a matter to be taken lightly. This is why Digital Edge feels it is important to know the right procedure. These incidents can result in serious consequences with the capability of causing lasting harm. By reporting these incidents, the government can assist them with agencies that can investigate the incident, lessen the consequences, and help avoid these cyber incidents in the future.

Please click here for more information.

If you feel that you need assistance from the Digital Edge Security team, please contact us at support@DIGITALEDGE.NET or open a ticket through Digital Edge web site at https://www.digitaledge.net.

Digital Edge reviews Verizon’s 2016 Security Breach Report, this report partners with companies in order to provide the public with critical security information. This Security Breach Report includes the number of security breaches, the types of attaches, as well as successful attacks.

Digital Edge builds Infrastructure as a Service (IaaS) solutions based on our close relationships with our hardware and software manufacturing partners. The IaaS based Exchange infrastructure utilizing Fortinet product stack is outlined in this document.

Are we done with the cloud revolution? Is the crusade against hardware over? Was getting rid of the hardware from our closets the final goal? Right, the cloud movement started with the goal to free up IT departments from the subject that is universally hated –  hardware related headaches, from renewals, end of lives, end of supports, those sticky VARs, capital investment, to the constant feeling that when you invest capital into your new hardware that you are losing 10-20% of your money’s value right away. This feeling is comparable to the notion of buying a new car and driving out of the dealership – the car is now not worth that same as when you signed the contract, minutes before. 

For the past few months, the security community did not surprise its audience with anything interesting, but this week there have been a few updates worth to share:

1. The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet. There are more denial types of vulnerabilities found in Juniper software. 
2. Multiple gnu_glibc libraries vulnerabilities potentially exposing threat to cause denial of service were discovered. 
3. The most interesting is Xen overflow vulnerability. This vulnerability allows guest to corrupt physical host. Those type of vulnerabilities are troubling security professionals, showing that information technology should not blindly trust virtualization encapsulation.  

All Digital Edge managed or co-managed clients will be patched according to individual schedules. 
If you feel that you need assistance from the Digital Edge Security team please contact Danielle Saladis at dsaladis@DIGITALEDGE.NET. 
Please click here for more information. 

Digital Edge is committed to providing the highest levels of security within all the IT infrastructure environments under its care. In order to achieve this utmost goal for all of our clients, we continuously maintain vigilance both on the productive side of IT as well as on its destructive side. We thus send out news and security bulletins such as this one from time to time to ensure that our clients are informed and educated on any important developments in IT security and are fully aware of what we are doing to ensure that we and our clients are always at the Cutting and at the Digital Edge of technology.

Digital Edge has decided to simply classified types of attacks, so that when we discuss tools and vectors we will refer this document. 

1. Frontal Assault

1.a - Code Tampering: This type of attacks are conducted from outside of a client's, by probing open ports and trying to force the code behind those ports to do unwanted actions, allowing hackers either remote execution, illegal upload with further execution, or system crash. 
1.b - Brute Force: An attacker uses techniques that are trying multiple combinations of passwords and keys trying to pick correct combination. 
1.c - Denial Attack: When an attacker creates either a large number of requests or specifically crafted requests or both at the same time to cause a client's system to stop responding. 
1.d - Floods: An attacker creates large amount of traffic, produced by hacker's controlled infected machines - "bots or zombies" to simply overflow capacities of the client networks or their ISPs.

2. Internal Assaults

2.a - Browser Scripting Attacks: During this attack, a hacker is convincing a user to go to a malicious website. Such website has a java or other scripting code that cause client's browser to perform unwanted actions, infect the computer, download unwanted software, etc. 
2.b - Email Attacks: During this attack, a hacker tricks a user to open an attachment that has a code that causes the opening program such as MS Office, Adobe PDF viewer, etc. to perform unwanted actions, such as infect the computer, download unwanted software etc.
2.c - Removable Media Attacks: This attack is conducted through an infected removable media. A USB memory card may have a malicious software that is executed when the storage is attached to the client's computer. 
2.d - BOYD Device Attack: A hacker would be able to infect client's personal desktop or personal phone and wait for when the user will bring it to the office. The infected "own" device can spread infection inside the local network. 

In the future, the Digital Edge Security Team will publish Security Solutions Reviews which will always refer to this classification, specifying which security challenge the solution is supposed to solve.

Digital Edge received this White Paper from Plexxi, written by Plexxi in a partnership with Colovore,  King Star Computer, and Piston. We feel that this white paper has great importance to the IT community as there is a current misconception of the cost savings of the cloud is “as high as ever”. 

Digital Edge has reached out to Plexxi to permit us to re-publish this White Paper, however have not yet received any feedback. If we are requested to do so, we will remove it from our White Paper section. 

This white paper is completely aligned with Digital Edge’s view on TCO and ROI. Additionally, this paper explains latest news from Apple, that the company is planning to build their own datacenters, thus leaving AWS with a few billion dollar gap in AWS’s yearly gross sales.