Top Stories
Eroding the Skills That Drive IT
December 15, 2013 Added by:Garrett Bechler
Over the last few years as IT Staffing has been trimmed to minimal levels and as the adoption of cloud based services has risen in a dramatic fashion, the erosion of the basic skills, tools, and awareness of running a secure environment has steadily accelerated its pace.
Comments (1)
Latest Posts
Network Security: IT Professionals’ Top Priority for 2014
December 16, 2013 Added by:Patrick Oliver Graf
Chances are if you’re reading this blog, you understand how vital it is for enterprises today to secure remote access to their corporate networks. Getting the most out of stagnant budgets next year will be a big concern, and organizations that utilize a centrally managed VPN solution are certain to enjoy heightened network security without excessive financial strain.
Comments (0)
Webcast: SAP Pentesting - From Zero 2 Hero with Metasploit
December 16, 2013 Added by:InfosecIsland News
The webcast will provide a very high level overview of common SAP system vulnerabilities and misconfigurations as well as demonstrate how the Metasploit Framework can be leveraged to quickly and easily exploit and compromise misconfigured/vulnerable SAP systems.
Comments (0)
Using iGoat to Explore Mobile Application Security Weaknesses
December 16, 2013 Added by:Michael Smith
The purpose of this post is to walk through all the steps needed to get iGoat setup “Soup to Nuts”. There is nothing here that is too difficult, but there are a few pitfalls in making this work.
Comments (0)
Don't Bore the Board
December 15, 2013 Added by:Joseph Rogalski
I can guarantee the majority of the Boards of Directors are far less technical than you and speak a different language. While your responsible for protecting the data of the company they are responsible for maximizing shareholder equity. Thus when giving an update don’t bore them speaking about this new web filter or XYZ vulnerability will do exactly that, instead speak their language.
Comments (0)
Eroding the Skills That Drive IT
December 15, 2013 Added by:Garrett Bechler
Over the last few years as IT Staffing has been trimmed to minimal levels and as the adoption of cloud based services has risen in a dramatic fashion, the erosion of the basic skills, tools, and awareness of running a secure environment has steadily accelerated its pace.
Comments (1)
Amphion Forum Highlights Promise and Problems of Internet of Things
December 14, 2013 Added by:InfosecIsland News
Explosive growth in the number and diversity of devices connected to the Internet demands wholesale changes to the IT security industry, security experts told an audience of IT professionals at the Amphion Forum in San Francisco.
Comments (0)
Are Security Professionals Exiting the Enterprise?
December 11, 2013 Added by:Rafal Los
I'm noticing something of a phenomenon lately that may have everything to do with how difficult it is to succeed in an enterprise security leadership role. In the last 90 days, no less than 3 of my real-life colleagues and friends have left the enterprise role for a vendor or consulting opportunity. This may all just be a coincidence, but if you look back over the past year successively more and m...
Comments (3)
Cyber Security Framework Lacks Mitigating Controls and Cloud Security
December 11, 2013 Added by:Anthony M. Freed
Given the pace that both government and the private sector are migrating mission-critical operations to managed service providers, should NIST take steps to identify Cloud-based offerings as part of the nation’s critical infrastructure?
Comments (0)
Security and Throw Away Accounts
December 11, 2013 Added by:Tripwire Inc
Throw away accounts are accounts created when an account is required but won’t be used again. When throw away accounts are created, they usually don’t contain any personal information. Most of these accounts, if not all, will even have a bogus email address attached so that the users will not receive any spam.
Comments (0)
Webinar: 2013 Security Wrap Up and Five Security Predictions for 2014
December 11, 2013 Added by:InfosecIsland News
On Thursday, December 12, SilverSky will host an informative year-ending webinar, featuring CTO Andrew Jaquith. During this presentation, Andrew will review the year that was, and reveal five can’t-miss security predictions for 2014.