- Tools: Breaking Down the Walls Between Application and Infrastructure Security
Application and infrastructure security often reside in separate teams with different skill sets, leading to gaps. Unify responsibilities under common leadership, include both in penetration tests,...
- Tools: Tips for Converting Shellcode to x86 Assembly
Two tools help analysts convert shellcode found in exploits or malicious documents into readable x86 assembly: ConvertShellcode.exe disassembles shellcode strings immediately, while shellcode2exe.py...
- Tools: More Than a Hammer: Expanding the Information Security Toolbox
Security programs over-focus on networks and systems because infrastructure is most practitioners' background. The toolbox needs domain expertise in business functions, data analytics for measuring...
- Authentication: Critical Log Review Checklist for Security Incidents
This checklist covers log review for incident response and routine monitoring: copy logs centrally, minimize noise by removing benign entries, verify timestamps, focus on changes and failures, work...
- Malware: Metrics for Measuring Enterprise Malware Defenses
Tracking "infections caught" provides little insight because changes could reflect better detection or just more attacks. More useful metrics include percentage of systems with current AV signatures,...
- Risk Management: Which Information Security Controls Are Most Important?
Comparing Securosis, PwC, and SANS 20 Critical Controls projects, system hardening appears across all three lists. Other consistently important controls include centralized security event monitoring,...