In today’s digital landscape, IT security is a top priority for organizations of all sizes. One effective way to improve IT security is by implementing a single pane of glass, also known as a unified security management system. By integrating multiple security tools and systems into a single interface, a single pane of glass allows …
IT in organizations that are part of the vital infrastructure of a country – for example, banking – revolves around safe and secure practices. No longer is it enough to be able to show regulatory authorities that you can pass their audits, it is about taking responsibility for the financial ecosystem. It is about security …
Trying some new media: Security Talks podcast! https://rss.com/podcasts/securitytalks1/480628/
Security in IT utilises the concept of “assume that you have been breached”. This means that applications and their related infrastructure should be setup in such a way that the impact of a real breach is minimised by making life difficult once an attacker has broken through the defences. Earlier, enablement of infrastructure had months …
Why we ‘shift-left’ with SecDevOps How safe is my bank? With cybercrime on the rise, financial consumers are – rightfully – concerned about the security systems of the organizations they put their trust in. The way we build our core banking systems should reflect these concerns. In fact: we should always strive to be named …
A presentation by Abhay Bhargav on improving application security, making a ‘shift-left’ possible, by supporting developers with security expertise and integrated services. Security engineering, decentralising security, Secure API design, story-driven agile threat models, celebrating failures and more. You can find it here: https://speakerdeck.com/abhaybhargav/devsecoops-stories-of-devsecops-failures-and-success
Nice article on security design anti-patterns: https://www.ncsc.gov.uk/whitepaper/security-architecture-anti-patterns
The golden rule: keep the DNS server that you are interrogating daily as close to you as possible (in your home or office, if you can; if not, at your local ISP). A very nice keynote on DNS Wars, take a look:
It’s all about security, but also about access. Google has adopted a new model for their security. No longer do they choose for perimeter security, they implement security throughout their network. Do not trust your network. It is probably already owned! You can read more about it here: https://thenewstack.io/how-to-start-applying-googles-zero-trust-model/
Intel says its security updates will make 90% of modern PCs and phones IMMUNE to bugs that could expose billions of people’s private data to criminals (but experts warn the flaws are ‘unfixable’) A great read on the Meltdown and Spectre security flaws. Through the Linux Kernel Monkey Log. Some more explanation on the topic: …