Blog
-
Tech Audits
What systems do security and availability audits cover? A fair question! Well, the hard truth is that it is your responsibility to identify this as a system owner; and not the duty of an auditor. Don’t sit around waiting for auditors to show up and expect them to answer this question. Simply put, everything and…
-
Hold my beer!
Company: “Our data is encrypted at rest, and in transit. We are SOC2 assessed and HIPAA compliant. Our Cyber team conducts quarterly audits, our Security Ops are 24/7, and our employees go through quarterly security training.” That one developer about to run a wild query exporting all data to a CSV file: “Hold my beer!”…
-
A Security+ Nostalgia
Going through modern Security+ material, seeing mentions of legacy technologies and methodologies such as Sub7 or War-driving was a pleasant time travel 🙂
-
hackathon Gems
If you’re attending a hackathon/security conference looking to recruit good security professionals, keep an eye for those using personal Internet devices, tethering via cell phone, or better yet, tethering via a cable connection to their cell phone to gain internet access. As to those who are using the convention center’s free wifi during a hackathon/security…
