
SANS Security Trend Line: Category - Critical Controls

Twelve Word Tuesday: Mobile Users Are Not Trying to Break Out of App Store Jail

Only .56% of iOS devices jailbroken, Android headed there. Users prefer AppStores. Data source: SkyCure 2016 Mobile Threat Intelligence Report


Twelve Word Tuesday: Can App Security Consultants Recover and "John Henry" Managed Bug Bounty Programs?

Too many low-value, cookie-cutter app testing engagements enabled bug bounty programs' success. (Explanation of John Henry reference here.)


Progress in Using the Critical Security Controls to Sort Out "Security Bad Apples"

In the past six months or so, there has been a lot of forward movement in state and federal government around the idea of screening suppliers and contractors for "basic security hygiene" as embodied in the Critical Security Controls. Most importantly, new federal procurement regulations will go into effect June 15th that directly require contractors …


Twelve Word Tuesday: Verizon 2014 DBIR Critical Security Controls Incident Prevention Heat Map

Vertical: Hotels need basic hygiene. Horizontal: Patching and securing remote access dominate. Figure 70 from 2014 Verizon Data Breach Investigation Report.


Has There Been Anything to Be Thankful For, Security-wise, In 2013?

This week the US will celebrate Thanksgiving, which historically means drastic increases in cranberry consumption, football (US-style) viewing, Friday morning shopping-related trampling of little old ladies in the rush to grab $99 tablet computers - and some actual giving of thanks. 2013 has not been one of your better security years. The year started …