June 20, 2010
One of the wonderful pieces of IT security defense is planning for when you get your arse handed to you. The more technical term is incident response, but it’s not as much fun to say to your mates at the pub. Being attacked and having to recover is sadly part of IT life these days, [...]
April 10, 2010
Twitter does have its uses other than discovering the security industry has its fair share of nutters and those that tweet (I’m ‘down’ with all the terms now) their most random thoughts. Despite the madness and mysterious number of girls in underwear with names of ran-dee-12123 following me, I find a number of gems. The [...]
March 18, 2010
Most companies have external auditors come in to ensure that regulatory measures and processes are in place for a variety of reasons. In the case of auditors, they need to see, validate and have access to some immensely critical and valuable company data, even to the point they have to access and review the crown [...]
February 20, 2010
After a bit of inbox spring cleaning I found this in an RSS feed on how to approach discovering you have a Cross-Site Scripting and SQL Injection issue on one of your systems. Both papers are published by the Microsoft Security Development Lifecycle (SDL) team, but have a host of industry names that have contributed [...]
February 6, 2010
It is the first time the Advanced Security Essentials – Enterprise Defender (SEC501) class has been run in Australia and to have the course author, Dr Eric Cole, teaching it was fantastic. I have said before, Eric is a fantastic speaker, bringing a huge amount of energy and real-world experience to the material. [...]