Home > Articles > Security

Security

76 Items

Sort by Date | Title

Video: Introduction to Information Security: A Course Overview
Dec 25, 2015
In this excerpt from Introduction to Information Security LiveLessons (Video Training), Scott Aurnou introduces himself and discusses what he will cover in his 5-hour information security video course.
Video: Introduction to Information Security: Why All Tech Personnel Need a Basic Understanding of Security
Dec 23, 2015
Security issues directly impact IT, networks, and software development. In this excerpt from Introduction to Information Security LiveLessons (Video Training), Scott Aurnou discusses why all technical personnel should have a basic understanding of information security.
5 Steps to Building and Operating an Effective Security Operations Center (SOC)
Dec 21, 2015
Joseph Muniz, co-author of Security Operations Center: Building, Operating, and Maintaining Your SOC, provides a high-level overview of the steps involved in creating a security operations center to protect your organization's valuable data assets.
Overview of Security Operations Center Technologies
Dec 15, 2015
This chapter from Security Operations Center: Building, Operating, and Maintaining your SOC focuses on the technology and services associated with most modern SOC environments, including an overview of best practices for data collection, how data is processed so that it can be used for security analysis, vulnerability management, and some operation recommendations.
Video: Introduction to Information Security: Understand Vulnerabilty Assessments and Pentesting
Apr 17, 2015
Vulnerability and pentesting are both effective ways to check the status of your organization's security posture. In this excerpt from Introduction to Information Security LiveLessons (Video Training), Scott Aurnou discusses the three basic steps of vulnerability assessments and the proper use of penetration testing.
Video: Introduction to Information Security: Institute Business Continuity / Disaster Recovery
Apr 3, 2015
Your business just had an information security incident--now what do you do? In this video excerpt from Introduction to Information Security LiveLessons (Video Training), Scott Aurnou discusses the difference between business continuity and disaster recovery plans, how to create them, and when to implement them.
Information Security Principles of Success
Jul 4, 2014
This chapter introduces these key information security principles and concepts, showing how the best security specialists combine their practical knowledge of computers and networks with general theories about security, technology, and human nature.
The Anatomy of a Digital Investigation
Oct 8, 2013
Michael W. Graves discusses the details of a digital investigation, including understanding the scope of the investigation, identifying the stakeholders, and understanding documentation,
Cisco NX-OS and Cisco Nexus Switching: Unified Fabric
Apr 26, 2013
This chapter shows the basic Nexus 5x00 and Nexus 7000 configurations necessary to provide a Unified access method for LAN data traffic and SAN storage traffic.
Securing Overlay Transport Virtualization (OTV) with Cisco TrustSec (CTS)
Apr 25, 2013
Ron Fuller shows just how easy it is to take advantage of MACSEC and AES-128 bit encryption on your Cisco Nexus 7000 series switches.
Secure By Design? Techniques and Frameworks You Need to Know for Secure Application Development
Dec 19, 2012
What do you know about developing secure robust software? Randy Nash discusses several available techniques and frameworks for secure application development.
The CERT Guide to Insider Threats: Insider Theft of Intellectual Property
Mar 2, 2012
This chapter offers a model to prevent insider theft of intellectual property. The first half of this chapter describes the model at a high level.The second half of the chapter digs deeper into the technical methods used in committing these crimes and mitigation strategies that you should consider based on all of this information.
Network Security First-Step: Firewalls
Feb 8, 2012
This chapter dissects a firewall’s duties to understand what makes a firewall operate and how it does its job.
Software [In]security: vBSIMM Take Two (BSIMM for Vendors Revised)
Jan 26, 2012
Gary McGraw and Sammy Migues introduce a revised, compact version of the BSIMM for vendors called vBSIMM, which can be thought of as a foundational security control for vendor management of third-party software providers.
ZigBee Wireless Security: A New Age Penetration Tester's Toolkit
Jan 9, 2012
Brad Bowers takes a closer look at the ZigBee protocol, some of the attacks that have been leveraged against it, and the security tools that penetration testers can use.
Software [In]security: BSIMM versus SAFECode and Other Kaiju Cinema
Dec 26, 2011
Gary McGraw and Sammy Migues clarify the intended use of the Building Security In Maturity Model (BSIMM) and compare it to the SAFECode Practices methodology.
Software [In]security: Third-Party Software and Security
Nov 30, 2011
How do you gauge the security of third-party code? A recent security conference examined that question, and Gary McGraw presents the findings in this article.
Software [In]security: Software Security Training
Oct 31, 2011
Gary McGraw and Sammy Migues describe how training has changed, provide data showing it's importance, and explain why it's important to pick the right training for your organization's needs.
Software [In]security: BSIMM3
Sep 27, 2011
BSIMM3 is the third iteration of the Building Security In Maturity Model (BSIMM) project, a tool used as a measuring stick for software security initiatives in the corporate world. Gary McGraw describes the BSIMM3 along with Brian Chess and Sammy Migues.
Software [In]security: Balancing All the Breaking with some Building
Aug 30, 2011
Security expert Gary McGraw argues that the software security industry is favoring offense at the expense of defense, and that more proactive defense is needed.

Page 1 2 3 4 Next >