I briefly mentioned before that i wrote an article on MSSP engagements and possible ways to approach such engagements. The ISSA Journal folks were kind enough to take a look at it and decided to publish the article in their November 2014 edition. As not everyone is an ISSA member with access to the Journal […]
A few days ago Dr. Bashroush was so kind to invite me to give a guest lecture on Vulnerability Management at his MSc class at the University of East London. As usual class schedules are packed; nevertheless i hope i could provide a suitable introduction in the limited time i had. It was great to meet the students […]
Microsoft posted an interesting video about their internal penetration testing approach of Azure over at Channel9. It is under 10 minutes and well watching for anyone interested in red team testing or cloud security. Areas covered in this video: Methods of improving Azure security How Azure security operates Understanding emerging threats Red team and blue […]
I came across an interesting article the other day (Does Your CEO Really Get Data Security?) that was raising a controversial point on the relative importance of information security functions for today’s organizations. It starts of by making a good argument that awareness of information security risks at senior leadership levels is crucial but unfortunately […]
Leron Zinatullin asked me if i’m interested in sharing my thoughts on information security trends and culture; naturally i was happy to oblige. You can find the posting over at Leron’s site along with a lot of other noteworthy material.