- Incident Response Incorporating Mobile Devices into Enterprise Security
Enterprise security hasn't kept up with consumerization—powerful mobile devices often have VPN access and email but lack mature OS security controls. Organizations need greater network segmentation,...
- Incident Response 5 Addictions of Information Security Professionals
Information security professionals develop habitual practices that can be detrimental: overly long policies, unrealistic mandates, gadget fascination, blind adherence to "best practices," and an...
- Malware Computer Threats Evolve Towards Focused, Nimble Tactics
Modern intrusions increasingly use well-planned, nimble, focused strategies rather than brute-force attacks alone. Attackers study business inner-workings to locate valuable data—scraping card...
- Incident Response Tips for Starting a Security Incident Response Program
Create a hierarchy of incident response documents: brief executive-level policy, detailed procedures for technical managers, and guidelines/checklists for responders. Keep them succinct using bullet...
- Tools Breaking Down the Walls Between Application and Infrastructure Security
Application and infrastructure security often reside in separate teams with different skill sets, leading to gaps. Unify responsibilities under common leadership, include both in penetration tests,...
- Cheat Sheets Security Incident Survey Cheat Sheet for Server Administrators
This cheat sheet helps server administrators examine suspect systems to decide whether to escalate for incident response. Avoid actions that access many files; look at logs, network connections,...