How to Apply the Risk Management Framework (RMF)

What is the Risk Management Framework? The Risk Management Framework (RMF) is most commonly associated with the NIST SP 800-37 guide “Guide for Applying the Risk Management Framework to Federal Information Systems: ...

Pentest Toolbox Additions 2018

I’m a red teamer. I do work similar to pentesting and use many of the same tools. This year, I’ve added several tools to my toolbox. I’ll introduce them to you below. I ...

6 Ways to Improve Your Security Posture Using Critical Security Controls

As we near the end of 2018, technology professionals and businesses alike are looking back on the last 12 months and evaluating highs and lows. For businesses, this can be an essential ...
Security Boulevard

Anti-Exfil: The Is-Self, Not-Self Solution?

Originally seen on Algorithmia, via Prooffreaderswhimsy! Karen Hao, writing at MIT's Technology Review magazine, reports on a relatively new-and-novel security product monikered Darktrace. Here's the quote from the organization's co-CEO Nicole ...

What is Vulnerability Management Anyway?

Vulnerability management (VM) programs are the meat and potatoes of every comprehensive information security program. They are not optional anymore. In fact, many information security compliance, audit and risk management frameworks require ...

How DevOps and CIS Security Controls Fit Together

At this point, the Center for Internet Security’s Security Controls are an industry standard for technical cyber security. The first six basic controls can prevent 85 percent of the most common cyber ...

The UK’s Minimum Cyber Security Standard: What You Need to Know

In June 2018, the UK Government, in collaboration with NCSC (National Cyber Security Centre), produced a new security standard that all Government “Departments”, including organisations, agencies, arm’s length bodies, and contractors must ...

6 Steps for Establishing and Maintaining Digital Integrity

To create a secure digital profile, organizations need digital integrity. This principle encapsulates two things. First, it upholds the integrity of files that store operating system and application binaries, configuration data, logs ...

Mapping the ATT&CK Framework to CIS Controls

For the better part of a decade, I have spent a good amount of time analyzing security and compliance frameworks. There is beauty to be found in every one of them. Some ...

Why You Need to Master the Basics – A Three Step Campaign

When I was growing up, my father enrolled me in martial arts at an early age. I liked everything about it. I liked the friends I made, I liked the sense of ...