Clik here to view.
Security Strategy: How to Avoid Running Default Security Configurations
You can't really blame folks for installing solutions in default mode OR can you? I've worked with a lot of companies and technology professionals during my career and it seems like going default is...
View ArticleClik here to view.
Security Strategy: Security Project Management
Planning big security projects or changes? Security project management is not for the weak of heart. It takes nerves of steel for most project managers to jump in and tackle the security frontier...
View ArticleStrategy: Security Awareness
It's amazing to me that these days you hardly have to leave the confines of your home or office to test the effectiveness of social engineering at your organization. In bunny slippers and armed with a...
View ArticleStrategy: Security Use Cases
Ever engage in Mad Libs when you were young? I remember them vividly because of many long summer car rides up the coastline. And six months ago the concept came in quite handy when developing security...
View ArticleClik here to view.
Strategy: Security by Color and Number
Making security more tangible has been a long-standing and recently revitalized goal of mine. This year it even seems more relevant because it is simply not enough to have a few talented security...
View ArticleControl: File Integrity Monitoring
It is quite common for novice and hobbyist attackers to break into an environment through an unpatched system and upload modded files to effectively over-write the functionality that may already exist...
View ArticleClik here to view.
Security Engineering: Splunk Deployment Server V4
Note: This post was written for Splunk 4.2 on Linux. Some concepts may be similar for other versions but you should consult the Splunk docs.I've been hands-on working with a Splunk implementation...
View ArticleCloud: Continuous Security with DevOpsSec
As developers move more aggressively to utilize the Public Cloud, Agile, Continuous Integration, and Continuous Deployment as its method for innovation, it is surely going to place pressure on security...
View ArticleCloud: Increase Public Cloud Security with better Detection & Response
Anton Chuvakin shared this post on the need to monitor workloads as they migrate to the Public Cloud: Gartner: Start security monitoring in the public cloud. As stated in this article, it is not...
View Article