- Assessments Looking for Infected Systems as Part of a Security Assessment
Security assessments often produce predictable results—missing patches—so consider adding malware detection tasks. Techniques include identifying unmanaged systems, analyzing autorun entries for...
- Assessments 3 Reasons Why People Choose to Ignore Security Recommendations
People avoid information that challenges beliefs, demands undesired action, or causes unpleasant emotions—all common with security assessments. Recipients may resist findings that contradict "my...
- Assessments Cheat Sheet for Creating Security Assessment Reports
There's surprisingly little online guidance about creating good security assessment reports. This one-page cheat sheet covers the general approach, data analysis, methodology documentation, scope...
- Assessments Why Your Security Assessment Recommendations Get Ignored
Security assessment recommendations get ignored for several reasons: reports go unread due to poor writing or checkbox compliance, readers disbelieve findings that contradict their views, IT staff...
- Assessments Write a Strong Executive Summary for Your Security Assessment Report
Most readers only see the executive summary, so put key takeaways there. Make it understandable to non-technical executives, connect findings to business relevance like risks and compliance, keep it...
- Assessments 6 Qualities of a Good Information Security Assessment Report
Good security assessment reports start with strong executive summaries for non-technical readers, provide meaningful analysis beyond tool output, include supporting figures, describe methodology and...