Tag: risk management
-
The Ian Amit Spectrum of Pentesting Efficacy
It’s been a while since I posted (duh), but recently I’ve had something brewing in my mind that appeared to not have been clearly discussed before, so here goes. I’ve been seeing some discussions and ambiguity around pentesting, vulnerability assessment, and red teaming (again – no huge shocker for those of us in the industry).…
-
Security and maturity – beating the averages
So, there’s this new (for me) LinkedIn “publishing” thing that prompted me to try it as I was posting a semi-rant there. Let’s see how well that works out: https://www.linkedin.com/today/post/article/20140531211959-1510435-security-and-maturity-beating-the-averages?trk=prof-post
-
The curious case of Dropbox security
After the disclosure of the host_id authentication issues that plagued the popular Dropbox service last week, a new issue came up with the fact that Dropbox can detect whether the files you are trying to upload to their cloud already exist there, and “save you the bandwidth” of uploading it if they already have a…
-
SCADA, control systems and security – not necessarily enemies
Insights from the NISA International SCADA Security Forum conference (NISA stands for National Information Security Authority, which is a division of the Israeli Security Agency). We all know that SCADA has been considered a security nightmare for a long time. Admittedly, I only have a short experience with such systems and control systems in general…