
SANS Security Trend Line: Author - John Pescatore

Twelve Word Tuesday: The UK Applies "Active Defense" to Actual "Active Defense" vs. Noise

Strike-back is not defense - continually reducing attack apertures, intrusion blind spots is. My take on the important part of a speech by Ciaran Martin, Director-General Cyber at GCHQ and head of the new National Cyber Security Centre (NCSC), at the Billington Cyber Security Summit in Washington DC.


Twelve Word Tuesday: Agile Doesn't Have to Mean "Ignore Security" But ...

Agile security needn't be an oxymoron - but security can't be "complained-in" later.


Twelve Word Tuesday: Can App Security Consultants Recover and "John Henry" Managed Bug Bounty Programs?

Too many low-value, cookie-cutter app testing engagements enabled bug bounty programs' success. (Explanation of John Henry reference here.)


Twelve Word Tuesday: A Different Brexit - Breach/Brazil Exit Precautions Are in Order

Treat executive travel to the Olympics like China trips - provide clean/burner devices.


Twelve Word Tuesday: Intel/McAfee Proves Once Again That Infrastructure Can Not/Will Not Protect Itself

Cloud is infrastructure like CPUs, Windows/Linux, even users - always need external protection. Intel exploring selling what is left of McAfee.