Securing the Security Devices
OK, so you’ve bought the glow-in-the-dark, meets all the compliance requirements and looks really shiny “security solution” from a vendor (one or many). Or maybe your management has bought it and...
When a “Pentest” is not a Pentest
There are as many definitions of pentest and penetration testing as there are Google search results. (Some 10,700,00 or so). The problem is, there doesn’t seem to be a standard definition of what...
Watching Your Data Evaporate in the Cloud
“Cloud” computing continues to beat the drum of “cutting costs.” Although I must say that I am hard put to differentiate between “cloud computing” and data centers that host hardware, the emphasis...
Hard Disks Never Die – They go to Digital Forensics
I’m attending an absolutely fascinating course on Digital Forensics provided by SANS. One of the things we will be doing is collecting data from hard drives for various practice exercises. Imagine my...
Things NOT to Do When You’ve Been Hacked, Part II
I finally asked that deadly question: “What do your Incident Response Procedures say?” Whoops, there goes all the buddy-buddy geekiness: I have morphed into The Auditor Who Asks Questions. “Umm, well,...