White Hat Hackers Earned More Than $30,000 from DoD’s Bug Hunting Program

White Hat Hackers Earned More Than $30,000 from DoD’s Bug Hunting Program

The U.S. Department of Defense (DoD) awarded prizes of over $30,000 to hackers in a bug bounty program aiming to strengthen the network infrastructure for proxies, VPNs and VDIs (virtual desktops.) The ...

How Will the CMMC Impact My Business and How Can We Prepare? Part 3 of 3

| | CMMC, Cybersecurity, DoD, government
Combining Cyber Standards – Is ‘Unified’ Always A Good Approach? The CMMC enforcement model will require a significant adjustment to the way contractors conduct government business – from procurement to execution. In ...

How Will the CMMC Impact My Business and How Can We Prepare? Part 1 of 3

| | CMMC, cyberattack, DoD, government
Part 1: Laying the Groundwork for Achieving Certification In June of this year, my colleague Tom Taylor wrote about the DoD’s announcement to instate the Cyber Security Maturity Model Certification (CMMC) and ...
identity fraud

Service Members Targeted in Identity Fraud Scheme

Five individuals were indicted for the reprehensible crime of defrauding U.S. military veterans and current service members of their benefits. The five accused of the fraud are identified as Robert Wayne Boling ...
Security Boulevard
Supply Chain Vulnerabilities from Legacy Approaches

Supply Chain Vulnerabilities from Legacy Approaches

| | DoD, PreVeil, supply chain
In a recent customer discussion, a CISO shared his concern with me regarding his company’s data. He worried that confidential data that had been shared with their suppliers would be leaked. He ...

The CMMC – A Palatable Enforcement Solution to DFARS Requirement?

My colleagues and I have been warning about the Department of Defense’s (DoD’s) looming enforcement of DFARS clause 252.204-7012 for a while now, as many Tripwire customers handle government CUI. Inevitably, we ...

EDR + Application Containment: Redefining the Modern Endpoint Security Stack

Despite record spending on cyber security, government agencies are not making significant headway in winning a battle against cybercrime. New white paper explores how threat-actors continues to be successful in bypassing layered ...

Google+ Shutdown, Weapons Systems Vulnerabilities, Voice Phishing Scams – WB38

This is your Shared Security Weekly Blaze for October 15th 2018 with your host, Tom Eston. In this week’s episode: Google+ shutdown, weapons systems vulnerabilities, and new data on voice phishing scams ...
DOD Seal

DoD RMF Part 1: How We Got to the RMF

| | community, diacap, DoD, FEATURED, FISMA, NIST, rmf
Over the next few weeks, I plan to post about the RMF process. This will piggy back on and expand upon the article: My Experience with the DoD Version of the RMF ...
EH-Net - NIST 800-37 RMF - NIST Logo

My Experience with the DoD Version of the RMF

Anyone out there dealing with the DoD implementation of the NIST 800-37 RMF? Just in case, it’s the “Guide for Applying the Risk Management Framework to Federal Information Systems” developed by the ...
Loading...