Summary: Endpoint Protection - New vulnerabilities have been remediated in the Symantec Endpoint Protection product. What many may not know is that this product does whitelisting. What are your thoughts on Whitelisting, how can it help and is it feasible in some or many environments? Sonos, Smart TV, Playstations - Many will state that these such devices "are not on my network". But how do you know unless you look? How common are home and SOHO products on enterprise networks? What risks do they pose? Defining Critical - Last week we talked about critical vulnerabilities, this week I want to turn the focus to critical log events. SANS publishes the "SANS 6 Categories of Critical Log Information", is this applicable to most organizations? Is one person's log data going to have different forms of "Critical"? Or are there categories that we can all share in common, and how many custom categories should you create?
