The Atlanta ISSA chapter, along with the Atlanta Society of Digital Forensics and eDiscovery, the Society of Industrial Security Professionals and the Atlanta OWASP chapter are hosting the Security By Design Conference on November 8 and 9. The conference schedule includes 7 tracks that run on both days and also features a special event on both […]
Find Your Sweet Spot
Version 3 of the SANS 20 Security Controls includes integration by the leadership of the Australian Defense Signals Directorate. This includes 35 Mitigation Strategies that were developed and prioritized to prevent targeted computer attacks. Four of these are listed as mandatory and are known as the Sweet Spot. These are Patch Applications, Patch Operating Systems, Minimize the […]
Control 20: Security Skills Assessment and Training to Fill Gaps
Is your team well trained or does it lack fundamental and often the advanced skills needed to perform their jobs? Are there team members who are the only ones that know certain functions? What happens when they are not available for good reasons or bad ones? Several avenues for acquiring training are available. Many large […]
How do you do, Auditpol?
What if there were an alternative to using the Local Security Policy to set the options needed to support of your security policy? Starting with Windows 7 and 2008 there is a new, perhaps even better way, Auditpol that offers much more granularity. The full explanation of this setting is: Audit: Force audit policy subcategory […]
SANS Security 401 in Chattanooga
Tonight starts my SANS Mentor class in Chattanooga, TN. I am very excited about bringing SANS training to Chattanooga. It was a lot more preparation than I expected, but I am so glad I finally decided to do it. Security 401 – SANS Security Essentials Bootcamp Style was the first SANS class I took way […]