Organizations can reap huge rewards by switching to a DevOps software development model. Some enterprises don’t know how to make the change. Recognizing that fact, I’ve spent the past few weeks discussing the benefits of a DevOps model, outlining how organizations can plan their transition, identifying common problems that companies commonly encounter and enumerating steps for a successful conversion. Of course, organizations aren’t finished once they’ve fully embraced DevOps.

A key to having a good information security program within your organization is having a good vulnerability management program. Most, if not all, regulatory policies and information security frameworks advise having a strong vulnerability management program as one of the first things an organization should do when building their information security program. The Center for Internet Security specifically lists it as number three in the Top 20 CIS Controls.

I was recently asked what I thought were the most significant points in the history of computing. It made me realize most people coming into high tech don’t have a basic understanding of the history of computing, which is important to understand future trends, how products work, and the relationships among computing elements in the technology stack.

DALLAS, July 10, 2018 — AT&T today announced its plans to acquire AlienVault®, a privately held company based in San Mateo, Calif. The agreement has been approved by both companies. The acquisition of AlienVault will enable AT&T to expand its enterprise-grade security solutions portfolio and offerings to millions of small and medium-sized businesses.

Ransomware is a relatively new form of malware that poses significant threats to computer networks, even those with effective security systems. It masquerades as legitimate software and uses encryption protocols, like those designed to protect personal information, to lock down files and hold data for ransom. In addition to the increased frequency of attacks, hackers are continuing to grow more sophisticated, targeting high profile businesses that can afford to pay higher ransoms.

One of the challenges of building and running information technology systems is solving novel problems. That's where frameworks like scrum and agile come in– getting from the unknown to the known with a minimum of frustration and waste. Another challenge is performing known tasks correctly every single time. Here runbooks, checklists, and documentation are your friend.

To create a secure digital profile, organizations need digital integrity. This principle encapsulates two things. First, it upholds the integrity of files that store operating system and application binaries, configuration data, logs and other crucial information. Second, it protects system integrity to make sure applications, endpoints and networks perform their intended functions without degradation or impairment.

It has now become public knowledge that every business organization is under constant threats in the ever-evolving cyberspace. In order to secure their assets and maintain a strong defence against the actors with malicious intent, an organization takes a number of steps such as installing appropriate software and hardware, implementing security controls, etc. One such step is log management which plays a crucial role during a security incident.

Last year we exhibited at a major information security trade show in London, during the preparation for this we received our exhibitor passes as “print yourself” PDF files. We immediately noticed that there are two forms of barcode here and, interestingly, the QR Code seems quite dense given that all it should be storing is a delegate ID number. Being the inquisitive sort of people that we are, we started up a QR scanner and had a look at its contents.