Monthly Archives: October 2010

iPhones for enterprise class applications? The issue is information security

Posted on by John Reno in Main | 1 Comment

I bought an iPhone 4 last week. It has 32 GB of memory, nearly as much as my two and a half year old Windows notebook. It does a lot of cool things and as Steve Jobs would say, it is “insanely great”. Now having said that, one of the reasons I got the device was to better understand the ecosystem. Part of this assessment is an understanding of the information security issues. The short answer is that the iPhone …

Data loss prevention – what’s the problem?

Posted on by John Reno in Main | Leave a comment

In the last few weeks I have talked with several customers about their data loss prevention initiatives. It seems that most of the programs are focused on inadvertent data loss. These are issues such as employees sending spreadsheets with PII data to their Gmail account so they can be productive at home (a VPN is such a hassle). Another example is even more basic – sending email with PII data in the clear to business associates. What I have heard …

Information Security : Keeping up with the government sector – changes to FISMA and the NIST guidelines

Posted on by John Reno in Main | Leave a comment

Often the government sector is viewed as unwieldy and cumbersome when it comes to moving rapidly to take advantage of new technology. When it comes to information security this is often the case as well. Since 2002, the U.S. Federal Information Security Management Act (FISMA) has been used to help government agencies manage their information security programs. For many years FISMA has driven a compliance orientation to information security. However, new and more sophisticated threats are causing a shift in …

Risk Analysis for a Healthcare Web Application

Posted on by John Reno in Main | 2 Comments

More often than not, security and IT teams might not care to admit that decisions around information security sometimes get made in an ad hoc fashion. Organizations should invest in developing the processes to make systematic decisions about how to understand the threat environment and the optimum mechanisms to protect their business. The following discussion illustrates the systematic use of risk analysis to evaluate security approaches to a healthcare web application. We will use risk assessment methods to evaluate the …

Penetration Testing : NMAP.XML to TAB

Posted on by The Shell Shakespear in Main | 1 Comment

Following up on my last NMAP post, processing port scan data in a meaningful manner is essential to network penetration testing. For those who wish to skip the SQL stage and get quick results, the following one-liner will use xmlstarlet to parse a NMAP XML file: cat nmap.xml | xmlstarlet sel -T -t -m "//state[@state='open']" -m ../../.. -v address/@addr -m hostnames/hostname -i @name -o ' (' -v @name -o ')' -b -b -b -o " " -m .. -v @portid …