Save $200 on InfoSec Training at SANS San Diego 2017. Ends Tomorrow.

SANS Security Trend Line

29 Jul 2014

Twelve Word Tuesday: Evergreen Headline "New Technology X Impedes Security Process Y" Drives Need for New Security Process Z

0 comments Posted by John Pescatore
Filed under (no category specified)

Has old Security Process Y Ever Won? Maybe once (CALEA) - usually not. Continue reading Twelve Word Tuesday: Evergreen Headline "New Technology X Impedes Security Process Y" Drives Need for New Security Process Z

15 Jul 2014

Twelve Word Tuesday: Looking for Security Tea Leaves in New Microsoft CEO's "Bold Ambition & Our Core" Missive

0 comments Posted by John Pescatore
Filed under (no category specified)

Satya Nadella's letter to employeesmentions cloud 7x more often than security. Microsoft CEO letter here Continue reading Twelve Word Tuesday: Looking for Security Tea Leaves in New Microsoft CEO's "Bold Ambition & Our Core" Missive

08 Jul 2014

Twelve Word Tuesday: It Hurts When They Do That, Get Them to Not Do That

0 comments Posted by John Pescatore
Filed under (no category specified)

Continuous vulnerability avoidance much more profitable than continuous monitoring/mitigation/incident response. Continue reading Twelve Word Tuesday: It Hurts When They Do That, Get Them to Not Do That

10 Jun 2014

Twelve Word Tuesday: Verizon 2014 DBIR Critical Security Controls Incident Prevention Heat Map

0 comments Posted by John Pescatore
Filed under Critical Controls

Vertical: Hotels need basic hygiene Horizontal: Patching and securing remote access dominate Figure 70 from 2014 Verizon Data Breach Investigation Report Continue reading Twelve Word Tuesday: Verizon 2014 DBIR Critical Security Controls Incident Prevention Heat Map

05 Jun 2014

A Conversation Around Supply Chain Integrity - Is There Any Real Way to Trust Products?

0 comments Posted by John Pescatore
Filed under (no category specified)

Bill Murray and I recently had an fun interchange on the topic of supply chain security and he's agreed to let me reproduce it here. The starting point was a comment I made in SANS Newsbites on this news item: [[60]] China Vetting Networking Gear (May 22, 2014) After the US Justice Department indicted five … Continue reading A Conversation Around Supply Chain Integrity - Is There Any Real Way to Trust Products?

Categories
Recent Posts
Archives
Links
Latest Whitepapers

Hardening BYOD: Implementing Critical Security Control 3 in a Bring Your Own Device (BYOD) Architecture
By Christopher Jarko

Botnet Resiliency via Private Blockchains
By Jonny Sweeny

OSSIM: CIS Critical Security Controls Assessment in a Windows Environment.
By Kevin Geil

Last 25 Papers »

Latest Tweets @SANSInstitute

#SANSPaper: IDS Performance in a Complex Modern Network: Hyb [...]
September 26, 2017 - 6:05 PM

Webcast with @Steph3nSims and @ErikVaBu - #SEC599 - How to P [...]
September 26, 2017 - 4:45 PM

The SANS Cloud Summit call for presentations is open! Share [...]
September 26, 2017 - 3:05 PM

Contact Us

301-654-SANS(7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"SANS is a great place to enhance your technical and hands-on skills and tools. I thoroughly recommend it."
- Aaron Waugh, Datacom NZ Ltd

"SANS always provides you what you need to become a better security professional at the right price."
- Rasik Vekaria, BP