BACK TO BASICSin security means:
- Cheaper - most "advanced", "intelligent", "heuristic", "visionary", or "next gen" offerings are very expensive burnt offerings. The illuminaries behind such ventures know that their offering is of poor quality or doesn't deliver in line with the price tag, but they don't care. They paid off the VC and then some, and can now be found on a beach somewhere nice.
- We seek to help clients who are interested in saving money and also sleeping better at night. There's plenty of consultancies who will help use your security budget (therein help to get a higher budget in the next financial year), if cheaper is not what you seek.
- Recent high profile incidents, such as Wannacry, are defeatable with back-to-basics tech from 1995. You probably already have the means to manage risks from ransomware and other such threats.
- Of course not all new concepts are duds. Some are worth resource investment, and we will help you with those.
Detect perimeter changes before hackers detect them!
If your network perimeter changes unexpectedly, that's unlikely to be a good thing. What is the cause?
- Unauthorised change?
- Steve in networking misconfigured a firewall?
- Hacker's shell?
- Shadow IT?
- Rogue device?
- Post-M&A networking headaches?
Oracle Database Security Assessment
Authenticated vulnerability scanning for auditing, with a tests library based on 20 years of Oracle Database Security assessment.
- Oracle Database versions 10g, 11g, and 12c are supported.
- Vulnerability assessment - covering usual compliance requirements for PCI-DSS, HIPAA, etc.
- Covers TNS listener, auditing, passwords, user accounts and privileges, typical default security issues, and many more.
Latest Blog Post
On Hiring For DevSecOps
Oct. 14, 2019, 9:29 p.m.
Based on personal experience, and second hand reports, there's still some confusion out there that results in lots of wasted time for job seekers, hiring organisations, and recruitment agents.
There is a want or a need to blame recruiters for any hiring difficulties, but we need to stop that. There are some who try to do the right thing but are limited by a lack of any sector experience. Others have been inspired by Wolf Of Wall Street while trying to sound like Simon Cowell.
It's on the hiring organisation? Well, it is, but let's take responsibility for the problem as a sector for a change. Infosec likes to shift responsibility and not take ownership of the problem. We blame CEOs, users, vendors, recruiters, dogs, cats, "Russia", "China" - anyone but ourselves. Could it be we failed as a sector to raise awareness, both internally and externally?
Security De-engineering, published by Taylor Francis, covers ubiquitous problems in information security and offers a solution in the final chapter
Areas covered: Penetration testing, Hackers, CASEs (Checklists and Standards Evangelists), IDS, Cloud Security, jobs in security, Identity Management, and organisational elements.