Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

Weekly Cyber Security News 24/08/2018

A selection of this week’s more interesting vulnerability disclosures and cyber security news. We all know its great adding cool features to stuff, but what’s not great if its not thought through well enough so as to be a potential issue down the line. Looks like we have a bad idea which in retrospect is potentially out to get us…

Antivirus Evasion for Penetration Testing Engagements

During a penetration testing engagement, it’s quite common to have antivirus software applications installed in a client’s computer. This makes it quite challenging for the penetration tester to run common tools while giving the clients a perception that their systems are safe, but that’s not always the case. Antivirus software applications do help in protecting systems but there are still cases where these defenses can be bypassed.

Appointing a DPO

A Data Protection Officer (DPO) is a lot like a little angel on your shoulders, except instead of a little harp, they have a complete understanding of GDPR and other data protection laws. Their job is to make sure you don’t listen to the devil on your other shoulder encouraging you to do all sorts of non-compliant things, like process data unlawfully or without permission.

Weekly Cyber Security News 17/08/2018

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Been a strange week, always is, but this time some really dumb self inflicted breaches and own goals that defy belief. What I will focus on this week is the future, the dark looming cloud that is brewing from badly thought-out out approaches to dealing with an age old problem.

Threat Actors in Critical Infrastructure: New Trends and Risk Factors

In this on-demand webcast, guest presenter Mike Chaney, who supports the DHS, National Cybersecurity & Communications Integration Center (NCCIC), and David Meltzer, Tripwire CTO, will share best practices to reduce the likelihood and severity of incidents that may significantly compromise the security and resilience of the critical infrastructure.

ITIL, Problem Management and Tripwire Enterprise

I’ve written about ITIL and Tripwire Enterprise, offering a secure approach to managing your Change Management processes, but ITIL’s guidelines offer more than just recommendations around ensuring changes happen as expected. Problem management is another key area where Tripwire Enterprise can help you on your ITIL journey. ITIL sensibly focuses on root-cause analysis for problem management.