Items Tagged with "Infosec"


BlackHat 2012: Alexander Polyakov on New SAP Vulnerabilities

August 01, 2012

Alexander Polyakov describes a recently discovered and widespread architectural vulnerability which especially targets SAP applications and allows for the bypassing of SAP security restrictions, such as firewalls, even in secure landscapes...

Comments  (0)

Blackhat, BSidesLV and DefCon Oh My... 2012 Edition

August 01, 2012 Added by: Boris Sverdlik

The upside for being in Vegas for BlackHat is that BSidesLV runs concurrently. BSides always tend to be much better events. The attendees are rarely the vendor mouthpiece types and this alone makes the conference enjoyable. I had attended more talks at BSides than I have at other conferences combined this year....

Comments  (0)

Rebooting Infosec Cons

July 31, 2012 Added by: Dan Klinedinst

I just got home from the "Vegas week" of Black Hat, BSidesLV, and DefCon. I love many things about each, and each has things I wish they'd do better. This is true of all the conferences I've attended. However, a few questions are lingering in my mind after Vegas, possibly due to the effects of sleep deprivation...

Comments  (0)

Black Hat and BSides Las Vegas: The Enemy Within

July 30, 2012 Added by: alan shimel

There was a time that Black Hat was where the edge met the establishment, but Black Hat has gone totally corporate and seems to have lost the edge. All of the edge seems to have gone to BSides. I love both Black Hat and BSides and think each needs a little bit of what the other has to be whole, viable and successful...

Comments  (0)

Companies That Give Back with Free Tools

July 25, 2012 Added by: Rob Fuller

Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...

Comments  (2)

You Shouldn't Train Employees for Security Awareness: Rebuttal

July 23, 2012 Added by: Boris Sverdlik

I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?

Comments  (2)

Another Angle on Big Data

July 22, 2012 Added by: Tripwire Inc

Today, we don’t have the concept of “knowledge security,” but should we begin considering that moving forward? Given that we are moving, quite quickly, into a knowledge-based orientation, what are the implications for “information security?” Are there any? Does this perspective even matter?

Comments  (0)

About Antivirus, Security Awareness, Security Usability...

July 21, 2012 Added by: Ali-Reza Anghaie

No matter how many times it's warned against, most Security professionals use themselves and their contemporaries as the basis for what's "right". And as security becomes higher profile with more incidents it really starts looking like instead of having cynical contempt for the users, it's more like plain excuses...

Comments  (0)

Throwing the Baby Out with the Bath Water

July 20, 2012 Added by: Infosec Island Admin

You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...

Comments  (3)

On Infosec Thought Followers

July 20, 2012 Added by: Dave Shackleford

The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...

Comments  (2)

Blame the Silver Heads?

July 17, 2012 Added by: Ian Tibble

The idea that CEOs are responsible for all our problems is one of the sacred holy cows of the security industry. Security analysts, managers, self-proclaimed "Evangelists", "Subject Matter Experts", ad infinitum are responsible for the problems. Let's look at ourselves before blaming others...

Comments  (4)

Infosec: Is it Really OK to Say No?

July 16, 2012 Added by: Scott Thomas

Our job isn't to run the business or set direction, our job is to tell the ones at the helm that building a boat out of tin foil is a bad idea. We need to change the sign on the door from "Department of No" to "How does this affect our risk-posture?" and realize even then sometimes you need to say "No"...

Comments  (3)

The Growing Responsibilities of a CISO

July 13, 2012

Phil Cracknell, Global Head of Security and Compliance at Yell Group, talks to us about the challenges of a CISO. Video taken at Information Security Europe 2012...

Comments  (0)

Join Infosec Island and Tripwire at Black Hat USA 2012

July 10, 2012 Added by: Infosec Island Admin

Black Hat remains the biggest and the most important technical security conference series in the world by delivering timely, actionable security information in a vendor-neutral environment. Infosec Island would like to extend a special thanks to Tripwire for making possible our presence at the event...

Comments  (0)

Is Privacy Worth the Loss of Opportunity?

July 05, 2012 Added by: Scott Thomas

Privacy is a huge issue to most of us in the infosec community. Where this hits home though is when you're contemplating making a career move. You want the industry to know that you're considering your choices, but you don't want "the wrong people" to know (read: your current employer)...

Comments  (0)

Infosec: English - Do You Speak it?

June 29, 2012

Seeing as so many people (well OK, two people) were asking me about my BSides London talk, I thought that rather than just send the link to the video, I’ll embed it here so I can say a few words about it too... Uhm, this is my talk...

Comments  (0)
