Sony Breach Thoughts

While I don't like "vendor dogpiles" every time there is a mainstream cybersecurity breach, they do serve as good opportunities to change InfoSec paradigms. In this article discusses the value of monitoring with enforcement as well as repairing or creating response processes.
Coaxing Heads from the Security Sand Charles Herring

Some organizations have chosen to adopt a "plausible deniability" strategy to InfoSec. This article outlines some methods of helping these organizations move to a safer security practice.

Protecting Windows XP from Exploit Charles Herring

With Microsoft discontinuing support of Windows XP, organizations need guidance on how to protect the legacy machines they can't replace.

Evaluating NetFlow Tools for InfoSec Charles Herring

Using NetFlow for Information Security has some unique challenges that NETOPS tools don't have to deal with. I put Splunk head to head against StealthWatch and lay out methodolgies for testing other tools.

Subscribe to infosec