Items Tagged with "Infosec"


The Detection in Depth Focus Model

December 08, 2011 Added by: Brent Huston

As explained in the maturity model post before, the closer the detection control is to the asset, the higher its signal-to-noise ratio should be and the higher the relevance of the data should be to the asset being protected (Huston’s Postulate)...

Comments  (0)

The Nature of Infosec: A Zero Sum Game

December 08, 2011 Added by: Infosec Island Admin

Security is a “Zero Sum Game” - no matter what you do, no matter how many policies you have or blinking lights on an appliance that is alleged to keep out APT, in the end you really have not won the day. In fact, if you have not been hacked or abused that day, it was really just a fluke...

Comments  (2)

Run POST Modules On All Sessions

December 05, 2011 Added by: Rob Fuller

You use the POST module, drop to IRB and run those 4 lines, and bam, you win. With resource files we can automate this a bit more and have it so that we do this effortlessly with any post module... We know we can run ruby inside of resource files with the tag...

Comments  (0)

Executives Lack Confidence in Infosec Strategies

December 04, 2011 Added by: Bill Gerneglia

Cyber attacks grow as corporations and governments amass information on individuals in complex networks across the Web, and cyber activists - some motivated by money, others by the desire to destabilize corporations and governments - continue to hack into organizational secrets...

Comments  (0)

Key Sessions at the CISO Executive Summit 2011

December 03, 2011 Added by: Steven Fox, CISSP, QSA

As information assurance matures, its identity in the organizational culture is merging with the business units it supports. Practitioners are challenged to adapt their skills to the evolution of an infosec business function separate from its legacy association with the IT department...

Comments  (0)

Challenges for Software Security Professionals

December 02, 2011 Added by: Rafal Los

So what catches your attention? What conclusions can you draw here that may be insight into how we can improve the state of software security in the enterprise? My eye gets caught on "politics" and TOOLS in big bold letters... then UPHILL and APATHY. Dang, we're a cynical bunch aren't we...

Comments  (1)

Security 2012: Blood in the Water

November 30, 2011 Added by: Jeffrey Carr

CEOs refuse to act to protect their companies if it cuts into profit, the government has refused to protect our nation’s critical infrastructure because it's 90% privately owned, and our laws have enabled this massive malfeasance so that everyone responsible can claim absence of malice...

Comments  (1)

Security BSides is Coming to Iowa

November 29, 2011 Added by: Security BSides

Each BSides is a community-driven framework for building events for and by information security community members. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening. You don’t want to miss it...

Comments  (0)

Infosec: Homer Simpson or George Washington?

November 28, 2011 Added by: Ali-Reza Anghaie

Consider three fields when pondering infosec strategies: Defense, Economics, and Healthcare. All three have grasped nonlinear preventative and swarm tactics in a way we would be wise to consider. And like infosec, all three also have snake oil salesmen and demons to satiate...

Comments  (1)

Avoiding Security Budget Cuts

November 28, 2011

Companies are cutting back on information security departments' budgets. I have, however, come up with an ingenious plan by which security departments can keep their funding without costing the company any money whatsoever. I’m pretty sure no-one has come up with this idea before...

Comments  (0)

Five Key Aspects of a Good Infosec Risk Assessment

November 25, 2011 Added by: Albert Benedict

Because they are consistent and repeatable, current risk assessment results can be compared to previous years’ results to see if there was any growth. You can also compare the client’s status to other companies of similar size and stature to show them where they stand...

Comments  (0)

Wanted: Software Security Specialists... Are There Any?

November 22, 2011 Added by: Rafal Los

You don't just go to college, get a degree in 'software security' and walk into a job being great at it - mostly because that degree doesn't exist, but also because the days of being able to walk into a job like this are probably long behind us...

Comments  (2)

TakeDownCon Las Vegas: Big Discounts and Freebies

November 21, 2011 Added by: Infosec Island Admin

Seriously... Sign up for TakeDownCon trainings and enjoy a 15% discount, three complimentary TakeDownCon passes, a 'Test Pass Guarantee', a $300 discount voucher for training at any Hacker Halted, and CHOICE OF a free iPad 2, or a $500 Tiffany & Co. Gift Card, or four nights' hotel accommodations...

Comments  (0)

Attrition.org Errata Project: Detecting Plagiarism

November 19, 2011 Added by: security curmudgeon

With the recent rash of plagiarism exposure, one of the most frequent questions we get is "how do you find plagiarism"? Our methodology is home-grown and very simple. We assume that we are only catching some of it, and that our methodology causes us to miss some. It isn't rocket science...

Comments  (0)

Security BSides is Coming to Cape Town South Africa

November 17, 2011 Added by: Security BSides

B-Sides Cape Town will attempt to offer a healthy environment where some of South Africa's security professionals, system administrators, network administrators, and anyone with a healthy interest in infosec can come together for one day to listen to some interesting presentations...

Comments  (0)

Three Words to Describe Enterprise Security

November 16, 2011 Added by: Rafal Los

We're cynical. Many security professionals and information security management alike are getting fed up with vendors who don't take the time to understand the issues they're facing - and simply try to sell, sell, sell...

Comments  (0)
