Items Tagged with "Infosec"
August 01, 2012
Alexander Polyakov describes a recently discovered and widespread architectural vulnerability which especially targets SAP applications and allows for the bypassing of SAP security restrictions, such as firewalls, even in secure landscapes...
August 01, 2012 Added by:Boris Sverdlik
The upside for being in Vegas for BlackHat is that BSidesLV runs concurrently. BSides always tend to be much better events. The attendees are rarely the vendor mouthpiece types and this alone makes the conference enjoyable. I had attended more talks at BSides than I have at other conferences combined this year....
July 31, 2012 Added by:Dan Klinedinst
I just got home from the "Vegas week" of Black Hat, BSidesLV, and DefCon. I love many things about each, and each has things I wish they'd do better. This is true of all the conferences I've attended. However, a few questions are lingering in my mind after Vegas, possibly due to the effects of sleep deprivation...
July 30, 2012 Added by:alan shimel
There was a time that Black Hat was where the edge met the establishment, but Black Hat has gone totally corporate and seems to have lost the edge. All of the edge seems to have gone to BSides. I love both Black Hat and BSides and think each needs a little bit of what the other has to be whole, viable and successful...
July 25, 2012 Added by:Rob Fuller
Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...
July 23, 2012 Added by:Boris Sverdlik
I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?
July 22, 2012 Added by:Tripwire Inc
Today, we don’t have the concept of “knowledge security,” but should we begin considering that moving forward? Given that we are moving, quite quickly, into a knowledge-based orientation, what are the implications for “information security?” Are there any? Does this perspective even matter?
July 21, 2012 Added by:Ali-Reza Anghaie
No matter how many times it's warned against, most Security professionals use themselves and their contemporaries as the basis for what's "right". And as security becomes higher profile with more incidents it really starts looking like instead of having cynical contempt for the users, it's more like plain excuses...
July 20, 2012 Added by:Scot Terban
You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...
July 20, 2012 Added by:Dave Shackleford
The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...
July 17, 2012 Added by:Ian Tibble
The idea that CEOs are responsible for all our problems is one of the sacred holy cows of the security industry. Security analysts, managers, self-proclaimed "Evangelists", "Subject Matter Experts", ad infinitum are responsible for the problems. Lets look at ourselves before blaming others...
July 16, 2012 Added by:Scott Thomas
Our job isn't to run the business or set direction, our job is to tell the ones at the helm that building a boat out of tin foil is a bad idea. We need to change the sign on the door from "Department of No" to "How does this affect our risk-posture?" and realize even then sometimes you need to say "No"...
July 10, 2012 Added by:Infosec Island Admin
Black Hat remains the biggest and the most important technical security conference series in the world by delivering timely, actionable security information in a vendor-neutral environment. Infosec Island would like to extend a special thanks to Tripwire for making possible our presence at the event...
July 05, 2012 Added by:Scott Thomas
Privacy is a huge issue to most of us in the infosec community. Where this hits home though is when you're contemplating making a career move. You want the industry to know that you're considering your choices, but you don't want "the wrong people" to know (read: your current employer)...