Security Breach Transparency
Another security breach has made the news. This time the folks at Ticketek are having a hard time explaining why ...customers' names, emails and dates of birth may have been accessed in cyber security breach.
securityΒΆ
Automated Security Reporting
Having some form of automated security reporting platform will help organisations to have real-time visibility of the security posture across their environment. By tailoring the dashboards to different audiences (or personas), CISOs and CIOs can leverage data for decision-making, giving visibility to all levels within the organisation.
Vulnerability Management
Vulnerability management is a continuous, proactive, and often automated process that keeps your computer systems, networks, and enterprise applications safe from cyber-attacks and data breaches by ensuring any weaknesses in the underlying software are updated.
Why HTTP is bad
We've become accustomed to seeing HTTPS on our websites, yet there are still some that simply refuse to use HTTPS. Our favourite Bureau of Meteorology is exactly one such case.
Strange password policies
We all have passwords, and the volume of passwords we need to manage is not slowing down. Most of the sites we interact with have some sort of a password policy that forces you to go through a process of trying to create them. I have written about this before.
Threat Modeling
Threat modeling is a process used by developers and engineers to understand the threats that exist that may exploit a weakness or vulnerability in a software application or platform.
Why did I get hacked?
It's a question I get asked frequently. Friends and family have faced this numerous times. "My Facebook account got hacked! How did this happen?"
Security Hygiene
Security hygiene is the practice of maintaining a computer system, by ensuring the basic controls are executed on a regular basis. It is, at its core, a precautionary practice, sometimes may be seen as mundane, yet still critical to the safe operation of your IT system.
Password policies
Almost every company on the face of the planet has them... Password policies. They describe how long and complex they need to be, and how often you need to change them, much to the dismay of of your users. Let's talk about passwords. In this article, we will only cover the authentication side of the security model.