SCM – Page 3 – WindowsTechs.com

ExpertOps: More Security with Less Time

Posted on October 30, 2017 by Todd Bunker

When you work for the office of your organization’s chief information security officer (CISO), time is not your friend. In 2015, the average time from compromise to discovery of a security incident was 146 days. That figure dropped to 99 days in 2016. Even so, the pressure is still on for organizations to do more […]… Read More

The post ExpertOps: More Security with Less Time appeared first on The State of Security.

The post ExpertOps: More Security with Less Time appeared first on Security Boulevard.

Continue reading ExpertOps: More Security with Less Time→

What Is SCM (Security Configuration Management)?

Posted on October 24, 2017 by David Bisson

The coronavirus 2019 (COVID-19) pandemic shifted the cybersecurity landscape. According to a PR Newswire release, the FBI tracked as many as 4,000 digital attack attempts a day during the pandemic. That’s 400% more than what it was prior to the pandemi… Continue reading What Is SCM (Security Configuration Management)?→

The Need for Increased Investment in Medical Device Security

Posted on October 20, 2017 by Onyeka Jones

The FBI in 2014 warned that healthcare systems, including medical devices, were at an increased risk of cyber-attacks due to the unfortunate coupling of poor cybersecurity practices in the healthcare industry with patient health information (PHI) that commands high value on the dark web. This warning has largely been realized. The cost and frequency of […]… Read More

The post The Need for Increased Investment in Medical Device Security appeared first on The State of Security.

The post The Need for Increased Investment in Medical Device Security appeared first on Security Boulevard.

Continue reading The Need for Increased Investment in Medical Device Security→

Why Software Configuration Management tools (SCMs) authenticate only client instead of server?

Posted on September 17, 2017 by patryk.beza

I’ve noted that probably all of the 4 popular Software Configuration Management Tools (SCMs), ie.:

use only clients’ authentication instead of the server authentication – correct me if I’m wrong (I suspect I’m wrong, but I don’t know why).

Why is that? Isn’t it unsafe to trust the server that in fact manages nearly every detail of the clients’ system configuration?

Here is description of how Puppet‘s authentication is provided. Isn’t it possible for an attacker to run MITM attack by pretending to be Puppet server? Does authenticating clients by the server somehow provides mutual authentication?

Continue reading Why Software Configuration Management tools (SCMs) authenticate only client instead of server?→

How can I download an exposed mercurial directory?

Posted on March 20, 2017 by Sjoerd

I have a client with an open .hg directory. For example, the URL http://example.com/.hg/dirstate shows a plain text config file. They have not enabled directory listing, so http://example.com/.hg/ gives a 403 Forbidden page.
… Continue reading How can I download an exposed mercurial directory?→

System Center Configuration Manager Current Branch FAQ

Posted on June 28, 2016 by Windows IT Pro

Over the last year Microsoft has been updating their flagship product under the moniker Windows as a Service (WaaS). Faster changes to Windows means software that interacts with it must adopt a faster pace to stay aligned and that philosophy is takin… Continue reading System Center Configuration Manager Current Branch FAQ→