Security Training

Ebb72d4bfba370aecb29bc7519c9dac2

On Internally-sourced Threat Intelligence

March 20, 2014 Added by:Anton Chuvakin

At the very top of the very top of the pyramid...sit organizations that produce their own threat intelligence (TI), sourced from local artifacts and their own intelligence gathering activities.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

System Hardening: Defend Like An Attacker

March 18, 2014 Added by:Tripwire Inc

Defenders also need to think like attackers. Easier said than done.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

Delving into Threat Actor Profiles

March 17, 2014 Added by:Anton Chuvakin

Threat actor profiles can be used by a fledgling threat intelligence operation to organize their knowledge about who is “out to get them” and who they observe on their network. Such knowledge organization helps prioritize incident response and alert triage activities.

Comments  (0)

1789975b05c7c71e14278df690cabf26

Unbalanced Security is Increasing Your Attack Surface

March 13, 2014 Added by:Pete Herzog

Unbalanced security is when your security increases your attack surface. And it’s normal.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Security Slice: World War XP

March 12, 2014 Added by:Tripwire Inc

Are these nine tips enough to protect organizations that need to continue using XP?

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Attacking the ROI of Advanced Persistent Threats

March 12, 2014 Added by:Tripwire Inc

How do you stop a smart attacker? Simple: reduce their ROI to make exploiting you fiscally irresponsible.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Here a box, there a box, everywhere a box … breached

March 11, 2014 Added by:Rafal Los

Let’s face it: The industry has a ‘box problem.’ And everyone will sell you a solution to what ails you.

Comments  (0)

65be44ae7088566069cc3bef454174a7

NSA is not the Only One Getting to Your App Data

March 03, 2014 Added by:Rebecca Herold

You need to take actions to help protect yourself, and you also need to demand that app developers build security and privacy protections and controls into their apps.

Comments  (2)

201d6e4b7cd0350a1a9ef6e856e28341

A “Tale of Two Cities” – where are the insurance companies?

March 03, 2014 Added by:Joe Weiss

There has been no mad rush for cyber insurance as the focus has been NERC CIP and compliance not security.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

How to Make Better Threat Intelligence Out of Threat Intelligence Data?

February 19, 2014 Added by:Anton Chuvakin

One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Numbers Never Lie, But You May Be Asking the Wrong Questions

February 04, 2014 Added by:Rafal Los

Demonstrating the effectiveness of a security program isn't about cherry-picking the right data sets, in the right time-frames to show how fantastic we are doing and patting ourselves on the back.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Incident Response: Are You Ready?

February 03, 2014 Added by:Brent Huston

When serious problems strike the complacent and unprepared, the result is inevitably shock followed by panic. And hindsight teaches us that decisions made during such agitated states are almost always the wrong ones. This is true on the institutional level as well.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

The First Five Quick Wins

January 23, 2014 Added by:Brent Huston

The First Five Quick Wins controls are those that have been shown to be the most effective means yet to stop the targeted intrusions that are doing the greatest damage to many organizations.

Comments  (0)

1789975b05c7c71e14278df690cabf26

5 Solid Ways to Build Security Culture in Your Organization (That You Probably Never Heard Of)

January 22, 2014 Added by:Pete Herzog

Teach employees not to say no. This and 4 other unconventional tricks will build or enhance your organization's security culture.

Comments  (2)

219bfe49c4e7e1a3760f307bfecb9954

Your Guide to Getting Started with Mobile Application Assessments

December 04, 2013 Added by:Rohit Sethi

My colleague, Andre Harricharran, security consultant with Security Compass, offers a closer look at the mobile application assessment process and requirements, and what organizations should consider when procuring this type of service

Comments  (0)

219bfe49c4e7e1a3760f307bfecb9954

How Do I Measure the Success of a Training Program?

November 19, 2013 Added by:Rohit Sethi

An information security training program is crucial for ensuring and maintaining a good security posture; in order to effectively manage this program you have to be able to measure it. This article introduces a concept recommended by NIST in their Special Publication 800-16, for evaluating training effectiveness.

Comments  (0)

Page « < 8 - 9 - 10 - 11 - 12 > »
Most Liked