Security Controls and the State of Security

How To Deal with a Security Incident

by Cindy Valladares

“Incidents are bound to happen, there’s no avoiding it!” Are you prepared to deal with a security breach? Infosec expert and ‘cynic’ Javvad Malik interviews Brian Honan (@BrianHonan on Twitter), an internationally recognized information security expert, during the Infosecurity Europe conference to offer tips on how to respond to security incidents. First tip? Identify if the problem [...]

Play it again OpenSAMM – The Fundamental Things Apply

by Adam Montville

OK, so “play it again OpenSAMM” is a twist on a misquote from Casablanca, but the song Sam sings in that movie does say, “fundamental things apply.” One fundamental in our world, which seems often overlooked, is that of software assurance. Enter OWASP and its Open Software Assurance Maturity Model (OpenSAMM). Before you roll your [...]

Verizon’s latest breach delivery

by Dwayne Melancon

I was catching up on my backlog of podcasts last week, and listened to Episode 271 of the Network Security Podcast (part of my balanced diet of security fiber). If you’re not familiar with this podcast, it consists of Rich Mogull, Zach Lanier, and Martin McKeay shooting the breeze about security topics. It is very casual, and very informative – I recommend you subscribe if you haven’t already.

Hardening your Systems is Job #1

by Crystal Miller

Hardening your security configurations is job #1 in preventing breaches and detecting and correcting any subsequent changes that weaken them. Yet in complex corporate IT settings, it’s easy to understand how basic steps to security are overlooked, especially when everything you are doing is a #1 priority. In a June 2011 report entitled “Perceptions About Network Security,” [...]

FIM is Dead — Long Live FIM

by Michael Thelander

Sometimes you just can’t see the obvious when it’s right in front of you. Usually, this happens because you’re so invested – materially, emotionally, or historically – in the way things have been that you have a hard time reconciling the way things are. This is true for companies as well. The technology that made [...]

Check your doors and windows

by Dwayne Melancon

Yesterday, I was reading about the Utah Department of Health’s recent breach, in which 500,000 patient records and 280,000 social security numbers were stolen. One of the things that jumped out at me was how insufficient configuration hardening played a role, based on a statement by the Utah Department of Technology Services (DTS).
