STST Partners with 3XLOGIC as Authorized Dealer and Integrator

Not just another IP camera manufacturer, 3XLOGIC is changing how the end user manages and interacts with the IP ecosystem through implementing industry leading software-as-a-service architecture that gives even the newest IT novice the power to manage a complicated network of IP cameras and access control technology like a pro admin.
3XLOGIC makes use of the cloud for all storage and video processing needs, and systems will not feature on-site NVRs. This creates a robust video management structure and shifts processing power requirements away from the end-user or any computers located at the site. Through their proprietary “Infinias CLOUD” cloud hosting technology, a 3xLOGIC system can easily be made capable of handling video monitoring and analytics alongside access control solutions from just a single door all the way to “enterprise” scale operations.
This cloud based service “delivers broad access control capabilities to conveniently secure and manage user location(s)” (3xlogic.com) and uses an easy to use browser-based GUI. Having an easy to understand end-user interface allows for access control to be both practical and affordable for virtually any user, independent of the size of the business or the technical expertise of the end-user.
The user can “view, monitor, and report” (3xlogic.com) on events and alarms, as well as do things like define security rolls and create different levels of access privileges for the individual users.

Unique to the systems that can be built using 3xLOGIC’s hardware are what they term the “rules engine”. This is a logic system in their cloud space that allows the customer to “build the functionality they need such as Lock-down, First-in, last-out, n-man rule, and much more” (3xLOGIC.com) This rule engine can be used effectively on any scale to apply systems of rules and is particularly useful for access control purposes.

The “Infinias” cloud system is also capable of interfacing with wireless locks, which is increasingly a popular method used in large scale security solutions. While the same effect can be achieved by running wire to each door in the facility, the relatively low cost of using wireless locks, cameras, and etc. make this an increasingly attractive option for some. With time and improvements to wireless technology and a greater number of systems making use of cloud technology, wireless “everything” seems to be just on the horizon.

Overall, the solutions offered by 3xLOGIC are some of the most smooth and seamless out there. Technology like this is setting the stage for the future of fully integrated video surveillance, analytics, and access control systems. Above industry standard IP cameras, custom analytics, and a simple yet robust end-user interface all make 3xLOGIC stand out even among what sometimes feels like a crowded security market.
Security Technology of South Texas is an authorized dealer and integrator for 3xLOGIC. Contact us today to see what kind of system is right for your business or project.
Call us 24/7 at    (210)-446-4863     or       email admin@gostst.com

Source: 3xLOGIC.com

Avigilon Blue: A Powerful New Integrator Cloud Service Platform

Avigilon Blue is a new product from industry leader in IP video and access control Avigilon. What makes this product unique is its ability to integrate on premise using a “quick-to-deploy Avigilon Blue Connect device that stores all video locally while sending video analytics clips to the cloud.” (Avigilon.com)
This cloud-based, software-as-a-service platform is easy to set up, configure, and link to the cloud. This process takes only minutes and uses universal “plug-and-play” network protocols with an intuitive web-based user interface.
Once logged in to the system, the administrator can access Avigilon’s Subscription Center to view real-time account and subscriber information. The dashboard, viewable on any typical Internet connected device, allows quick identification of trends and system behaviors to isolate problems without dispatching personnel to the site being monitored.

The platforms also supports both Avigilon and ONVIF compliant cameras, using real-time alarm notifications on any desktop or mobile device to bring attention to critical events requiring the most immediate attention.
Probably the greatest asset of Avigilon Blue is its simplicity. What looks like a cable-box or router, the compact blue box that houses Avigilon Blue can be located anywhere in the facility reachable by network cabling. The software is intuitive and easy to configure even for IT novices. Furthermore, Avigilon Blue is highly scalable. As the need for expansion arises, Avigilon Blue can keep pace.

The platform is powered by Microsoft Azure and leverages cloud services that are built, deployed, and managed through a global network of trusted datacenters, providing enterprise-grade security right out of the box.
Avigilon Blue aims to be a game changing security platform for enterprises both great and small. As the industry moves more and more into the cloud, Avigilon Blue will be leading the way on the bleeding edge of hosted security services for the coming years.

Security Technology of South Texas is an Authorized Dealer and Integrator for Avigilon. We have the experience and commitment to excellence to give your business the security measures  it needs to keep your product, employees, and site safe.
 Call Us 24/7 at (210)-446-4863
 or email at
Source: Avigilon.com

Cyber Threats to the US Power Grid

Every day billions of activities from across multiple digital platforms must be monitored and checked by cyber security experts working to protect the US power grid from cyber attack. 24 hours a day, workers must monitor electronic messages from both within the state owned power utilities themselves and from the outside.

The IT infrastructure of the power grid makes for a prime target for potential attackers, and the ability to generate widescale physical world consequences through penetrating power companies’ systems makes for an enticing hack to some “threat actors”. TVA, Tennessee Valley Authority, for example, operates 29 power-generating dams, seven nuclear reactors and maintains multiple connections to the Oak Ridge nuclear weapons production arsenal. These factors cause it to be regarded as amongst the most prime targets for cyber terrorists.

Andrea Brackett, director of TVA’s Cybersecurity group, says this federal utility company has adequate protection.

“There are all kinds of threat actors that attempt to test us on a daily basis, but I think we are in a really great spot with all kinds of layering of defenses to make sure that we’re protecting our operational assets from different types of cyber attacks that could happen, whether that is from the internet or internally from within TVA,” she said. “We’ve not had any events that have impacted our operational capability.”

But in the climate following recent hacks into Equifax and Yahoo, cyber crime seems to be a looming threat, with the energy sector regarded as a sort of pinnacle for those with cyber terror ambitions.

Homeland Security Secretary Kirstjen Nielsen believes we are in fact in something of a “crisis mode” with respect to cybersecurity.

“Cyber threats now represent a greater threat to the United States than physical threats,” Nielsen recently warned. “Our digital enemies are taking advantage of all of us. They are exploiting our open society to steal, to manipulate, to intimidate, to coerce, to disrupt and to undermine.”

Each day TVA alone watches as tens of thousands of attempts to hack into their networks are made. Many of these conducted by hostile nation states in an ongoing back and forth, testing the resilience and responsiveness of US cyber defense.

Ultimately the US will be forced to bring its infrastructure more and more into the age of the Internet and rely less on the mere antiquation of its machines as a defense, and as it does, external and internal threats alike will continue to test the security apparatus charged with protecting the grid. As it stands now, there are many other countries with newer infrastructure that may be easier to break into, although there are few prizes more enticing to cyber terrorists than the power grid of the US.

——————————————————————————————————————————————

Security Technology of South Texas is locally owned and operated out of San Antonio, Texas. We provide integration of security products and infrastructure for commercial scale projects in the South Texas area.

Call us today to set up a consultation, 24/7 210-446-4863 or email admin@gostst.com on our website

Surveillance Cameras’ Feeds Made Vulnerable Due to Bug: Zero-Day Exploits

Last month researchers from cybersecurity firm Digital Defense disclosed they had discovered a vulnerability in Nuuo NVRmini 2 Network Video Recorder firmware, basic software which is used in hundreds of thousands of IP surveillance cameras across the world.

The Linux-based software is used in a wide array of the company’s IP cameras, supports NAS storage and is capable of monitoring up to 64 live video channels. The bug centers around an unauthenticated remote buffer overflow security flaw which an attacker can exploit through executing arbitrary code on a system with root privileges. In addition to allowing a potential attacker to make use of the bug to access and modify video feeds and recordings from their cameras, the exploit also permits changing the configuration and settings of cameras.

This is achieved through “Overflowing of the stack variable, which is intended to hold the request data, results in the overwriting of stored return addresses, and with a properly crafted payload, can be leveraged to achieve arbitrary code execution,” Digital Defense said.

NVRmini 2 firmware prior to and including version 3.9.1 are vulnerable to this exploit, however Nuuo has responded to the discovery and has released a patch to resolve the issue.

So called zero-day exploits are some of the most damaging security flaws you can have in your security solution at large. These exploits or bugs are found in software from the day of its release onwards unless they are detected through chance or pro-active research into the software as described in the situation above. These exploits will be known only to potential attackers and the online communities they share this intel with up to that point, and a significant degree of damage and compromise can occur during that time period, up to and including the possible installation of backdoors unknown to the creators of the software and modification of source code if the exploit allows for that.

The zero in “zero-day” actually refers to the time at which the vendor of the software discovers the vulnerability. Up to that day the vulnerability would be referred to as a zero-day vulnerability, but after 30 days, a 30-day vulnerability and so on. It is during this time that the vendor will typically be working on a patch or workaround to mitigate the exploit, but depending on the specifics of the bug, potential attackers with knowledge of the bug may also be working on “counter patches” of their own.

A zero-day attack should always be considered a serious threat, and even after a patch has been developed, there is no guarantee that every user or even a majority will have installed the patch. Those who write malware have several different attack vectors available to them to exploit zero-day vulnerabilities, from executing malicious code exploiting web browsers to email attachments containing malicious code via SMTP.

In the context of the security industry, these types of exploits can have potentially devastating consequences. As we trust in the convenience and technical superiority of IP cameras and access control systems, it is critical to use reputable vendors and an integrator with the response time to manage and respond to crisis events.

——————————————————————————————————————————————

Security Technology of South Texas is locally owned and operated out of San Antonio, Texas. We provide integration of security products and infrastructure for commercial scale projects in the South Texas area.

Call us today to set up a consultation, 24/7 210-446-4863 or email admin@gostst.com on our website