Cloud Security Threats: Escaping the Egregious Eleven – Part Two

Depending on your familiarity with the Cloud Security Alliance (CSA) publications, part one of this blog was intended as either an introduction or a nagging reminder of the ‘Egregious Eleven’ security threats ...
business security

Security Awareness: Adding a Business Context

Putting security in a business context can help employees be more cautious with their organization’s resources In my first blog I would like to give my perspective on how to spread security ...
Security Boulevard

What Is FIM (File Integrity Monitoring)?

File integrity monitoring (FIM) exists because change is prolific in organizations’ IT environments. Hardware assets change. Software programs change. Configuration states change. Some of these modifications are authorized insofar as they occur ...

Privileged Access Management Issues? Enter Tripwire Password Manager

So, you have 2000 network devices in your environment and everyone is telling you that you have to rotate all 2000 device passwords every 30, 60 or 90 days (at a minimum) ...

How to Apply the Risk Management Framework (RMF)

What is the Risk Management Framework? The Risk Management Framework (RMF) is most commonly associated with the NIST SP 800-37 guide “Guide for Applying the Risk Management Framework to Federal Information Systems: ...
password spraying

Pentest Toolbox Additions 2018

I’m a red teamer,.I do work similar to pentesting and use many of the same tools. This year, I’ve added several tools to my toolbox. I’ll introduce them to you below. I ...
small business

6 Ways to Improve Your Security Posture Using Critical Security Controls

As we near the end of 2018, technology professionals and businesses alike are looking back on the last 12 months and evaluating highs and lows. For businesses, this can be an essential ...
Security Boulevard
 Originally Seen On   Algorithmia   ,   via   Prooffreaderswhimsy  !

Anti-Exfil: The Is-Self, Not-Self Solution?

Originally Seen On Algorithmia, via Prooffreaderswhimsy! via Karen Hao, writing at MIT's Technology Review magazine, reports on a relatively new-and-novel security product monikered Darktrace. Here's the quote from the organization's co-CEO Nicole ...

What is Vulnerability Management Anyway?

Vulnerability management (VM) programs are the meat and potatoes of every comprehensive information security program. They are not optional anymore. In fact, many information security compliance, audit and risk management frameworks require ...

How DevOps and CIS Security Controls Fit Together

At this point, the Center for Internet Security’s Security Controls are an industry standard for technical cyber security. The first six basic controls can prevent 85 percent of the most common cyber ...
Loading...