Big Data Malware Analysis - Novetta Totem

Novetta is working on a "Big Data" approach to Malware Analysis. Their community / proprietary product is called "Totem".

Looked at their pres at BH US 2015 and then dove into their recent report (yes - yet another one!) on the Sony incident. Surprisingly, (parts of) their Sony report is worth a read.

You can find my summary here.


Microsoft's Azure Active Directory: A new paradigm for Authentication

Looked at some introductory videos for Azure Active Directory ("AAD") Developers. Wow!

MS is reinventing itself with a whole new paradigm for AuthN / IDaaS out in the cloud.

Wrote a quick report summarizing video content. You can find it here.

TL;DR summary:

  • AAD and AD become a single logical entity. On-premise AD driven from cloud-based AAD.
  • Strategic AuthN protocols are:
    • OpenID Connect (MS extension of OpenID)
    • OAuth
    • WS-Federation / SAML are *not* strategic. Neither is Windows Identity Foundation.
  • Apps (public or corporate) must be registered to AAD. After that, federation is easy.
  • ADAL is MS's multi-platform open-source SDK to do AuthN, also for Xamarin, Apache Cordova
  • Win10 will have new AuthN flows integrated at OS level: “WebAccountManager” API
  • Whole effort is serious MS “catch-up”; work in progress, rough around edges, incomplete at times
    • E.g. kludgy support of single-page web apps with JavaScript calling multiple background Web APIs.
  • Major MS paradigm shift / change in fundamental architectural direction.


AWS' Security Model; AWS MS AD support

After a long hiatus ....

Took a quick look at Amazon AWS' Security Model, followed by a closer look at their Active Directory integration offerings.

The following small report summarizes the distilled wisdom of 20-odd whitepapers for your reading pleasure and enjoyment.

AWS’ Security Model and MS AD support