Blog Posts Tagged with "Infosec"

59da131e1207b6fadf8fec3862d85ad1

Black Hat and BSides Las Vegas: The Enemy Within

July 30, 2012 Added by:alan shimel

There was a time that Black Hat was where the edge met the establishment, but Black Hat has gone totally corporate and seems to have lost the edge. All of the edge seems to have gone to BSides. I love both Black Hat and BSides and think each needs a little bit of what the other has to be whole, viable and successful...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Companies That Give Back with Free Tools

July 25, 2012 Added by:Rob Fuller

Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...

Comments  (2)

7c5c876d1933023ac375eead04302e1a

You Shouldn't Train Employees for Security Awareness: Rebuttal

July 23, 2012 Added by:Boris Sverdlik

I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?

Comments  (2)

Bd07d58f0d31d48d3764821d109bf165

Another Angle on Big Data

July 22, 2012 Added by:Tripwire Inc

Today, we don’t have the concept of “knowledge security,” but should we begin considering that moving forward? Given that we are moving, quite quickly, into a knowledge-based orientation, what are the implications for “information security?” Are there any? Does this perspective even matter?

Comments  (0)

Bd623fa766512fdf6b57db66f522b741

About Antivirus, Security Awareness, Security Usability...

July 21, 2012 Added by:Ali-Reza Anghaie

No matter how many times it's warned against, most Security professionals use themselves and their contemporaries as the basis for what's "right". And as security becomes higher profile with more incidents it really starts looking like instead of having cynical contempt for the users, it's more like plain excuses...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Throwing the Baby Out with the Bath Water

July 20, 2012 Added by:Infosec Island Admin

You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...

Comments  (3)

1b061b1cec6b5898e5326992d9461610

On Infosec Thought Followers

July 20, 2012 Added by:Dave Shackleford

The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...

Comments  (2)

1de705dde1cf97450678321cd77853d9

Blame the Silver Heads?

July 17, 2012 Added by:Ian Tibble

The idea that CEOs are responsible for all our problems is one of the sacred holy cows of the security industry. Security analysts, managers, self-proclaimed "Evangelists", "Subject Matter Experts", ad infinitum are responsible for the problems. Lets look at ourselves before blaming others...

Comments  (4)

8e6e3972318ff74b194801340248199e

Infosec: Is it Really OK to Say No?

July 16, 2012 Added by:Scott Thomas

Our job isn't to run the business or set direction, our job is to tell the ones at the helm that building a boat out of tin foil is a bad idea. We need to change the sign on the door from "Department of No" to "How does this affect our risk-posture?" and realize even then sometimes you need to say "No"...

Comments  (3)

7fef78c47060974e0b8392e305f0daf0

Join Infosec Island and Tripwire at Black Hat USA 2012

July 10, 2012 Added by:Infosec Island Admin

Black Hat remains the biggest and the most important technical security conference series in the world by delivering timely, actionable security information in a vendor-neutral environment. Infosec Island would like to extend a special thanks to Tripwire for making possible our presence at the event...

Comments  (0)

8e6e3972318ff74b194801340248199e

Is Privacy Worth the Loss of Opportunity?

July 05, 2012 Added by:Scott Thomas

Privacy is a huge issue to most of us in the infosec community. Where this hits home though is when you're contemplating making a career move. You want the industry to know that you're considering your choices, but you don't want "the wrong people" to know (read: your current employer)...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Join Infosec Island and Tripwire at Security BSides Las Vegas

June 27, 2012 Added by:Infosec Island Admin

Each BSides is a community-driven framework for building events for and by information security community members. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening. You don’t want to miss it...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

Contracts and Infosec Part 3: Processing and Data Disposal

June 21, 2012 Added by:Bill Gerneglia

The parties should also stipulate their expectations for data return or destruction upon termination of an NDA. The expectations for data return or destruction will be typically molded by a party’s desire to keep compliant with the particular data handling law or regulation to which the party is subject...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Elementary Information Security

June 21, 2012 Added by:Ben Rothke

For anyone looking for a comprehensive information security reference guide - Elementary Information Security is it. While the title may say elementary, for the reader who spends the time and effort to complete the book, they will come out with a complete overview of every significant information security topic...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

Infosec: Too Many Questions

June 20, 2012 Added by:Wendy Nather

Does having one machine on a botnet at some point automatically mean that more nefarious things are going on besides just selling V1agr4 or perhaps DDoSing the Anonymous target of the week? This is the risk calculation that we need more data to perform, and it's one that the C-suite would really appreciate...

Comments  (1)

4ff49873e3fed9a24adf0d37ae00b780

The Debate When it Comes to Monetizing Security Flaws

June 20, 2012 Added by:Lee Munson

Some people think that if you try to profit on your discovery, then no matter what your intentions are, the discovery could be used for non ethical goals. They think that it does not matter if it is a good guy or a bad guy who gets the information. They think that both parties have the potential for abuse...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »