Why ‘Yes Persons’ Make Change Control a Necessity for Your Company

Recently, my nine-year-old son informed me that he had observed over time how I always seem to help other people and how others always depend on me. I said to him that, in a way, he is much the same, as he is always saying ‘yes’ to doing li…

Australian Broadcasting Corporation Leaked Data through AWS S3 Bucket

The Australian Broadcasting Corporation (ABC) leaked sensitive data online through a publicly accessible Amazon Web Services (AWS) S3 bucket. Public search engine Censys indexed the misconfigured asset on 14 November during a regular security audit of …

What Is Vulnerability Management?

Enterprise networks regularly see change in their devices, software installations, and file content. These modifications can create risk for the organization. Fortunately, companies can mitigate such risk by implementing foundational security controls….

Superior Integrity Monitoring: Getting Beyond Checkbox FIM

If File Integrity Monitoring (FIM) were easy, everyone would be doing it. Actually, it is pretty easy. It’s not exactly rocket science. Practically anyone with a modicum of Python, Perl or development skills can write an app or a script to gather the c…

What Is FIM (File Integrity Monitoring)?

File integrity monitoring (FIM) exists because change is prolific in organizations’ IT environments. Hardware assets change. Software programs change. Configuration states change. Some of these modifications are authorized insofar as they occur d…

Could Containers Save The Day? 10 Things to Consider when Securing Docker

By now, we’re all aware of the Equifax breach that affected 143 million customer records. Equifax reports that Apache Struts vulnerability CVE-2017-5638 was used by the attackers. Equifax was not running its vulnerable Struts application in a container, but what if it had been? Containers are more secure, so this whole situation could have been […]

The post Could Containers Save The Day? 10 Things to Consider when Securing Docker appeared first on The State of Security.

The post Could Containers Save The Day? 10 Things to Consider when Securing Docker appeared first on Security Boulevard.

What Is SCM (Security Configuration Management)?

The coronavirus 2019 (COVID-19) pandemic shifted the cybersecurity landscape. According to a PR Newswire release, the FBI tracked as many as 4,000 digital attack attempts a day during the pandemic. That’s 400% more than what it was prior to the pandemi…

Secure Defaults and The Design of the Credit System

When designing systems today, everyone is aware that security is an essential feature, even in systems that you don’t think are critical. The recent Equifax breach brought home to me one of the most important factors of designing secure systems (software or not): delivering systems with secure defaults. In today’s threat-rich environment, the secure configuration […]

The post Secure Defaults and The Design of the Credit System appeared first on The State of Security.

The post Secure Defaults and The Design of the Credit System appeared first on Security Boulevard.

What Is Asset Discovery?

Corporate networks have evolved in recent years. Many have exploded in size as a result of organizations diversifying their IT environments to include cloud, virtual, and mobile devices. As such, corporate networks are much more dynamic in nature. It’s now commonplace for devices to connect, reconnect, and disconnect from the enterprise network, especially with regards […]

The post What Is Asset Discovery? appeared first on The State of Security.

The post What Is Asset Discovery? appeared first on Security Boulevard.
