Attacks against applications are certainly a growing threat to organizations. Some argue that as system administrators become better at configuring and patching their systems, the application is the next logical target of attack. What can be done at little to no cost to help prevent these threats to your environment? Every application that is installed […]
Blog
Security By Design
The Atlanta ISSA chapter, along with the Atlanta Society of Digital Forensics and eDiscovery, the Society of Industrial Security Professionals and the Atlanta OWASP chapter are hosting the Security By Design Conference on November 8 and 9. The conference schedule includes 7 tracks that run on both days and also features a special event on both […]
Sweet Spot – Patch Operating Systems
Microsoft Windows Software Update Services (WSUS)provides automated patching of Microsoft operating systems and products. The WSUS administrator can schedule categories of patches and schedule their installation. Also included is a reporting feature that can send daily reports via email to administrators notifying them of new patch releases and the status of their installation across the […]
Find Your Sweet Spot
Version 3 of the SANS 20 Security Controls includes integration by the leadership of the Australian Defense Signals Directorate. This includes 35 Mitigation Strategies that were developed and prioritized to prevent targeted computer attacks. Four of these are listed as mandatory and are known as the Sweet Spot. These are Patch Applications, Patch Operating Systems, Minimize the […]
Security B-Sides Atlanta
Security B-Sides Atlanta unconference is back. On November 4, all of your local and not so local security friends will be back at Think Inc, located at 1375 Peachtree St. Suite 600, Atlanta, Ga. Registration is now OPEN and true to Security B-Sides, the admission price is most affordable by everyone.
Control 20: Security Skills Assessment and Training to Fill Gaps
Is your team well trained or does it lack fundamental and often the advanced skills needed to perform their jobs? Are there team members who are the only ones that know certain functions? What happens when they are not available for good reasons or bad ones? Several avenues for acquiring training are available. Many large […]