First thing I think of (being of a certain age) when someone asks why: Why ask why? Answer: Try Bud Dry!(Silly old Budweiser commercial) So why do we need to ask why? Because it would be good to know why we are consistently being attacked by this region of the world. It is always good … Read more
First of all one needs to know what a ZeroDay means, as well as webmin. Webmin is easier to explain. If you go to webmin.com then this explanation: “Webmin is a web-based interface for system administration for Unix. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more. … Read more
First I must say I did not go to Las Vegas, all I did is hunt the Internet for pieces of information and did not copy completely, but edited to make it easier to understand when reading only (versus giving presentation within the hall): “Controlled Chaos” the Inevitable Marriage of DevOps & Security (Kelly Shortridge … Read more
Since a picture says a thousand words here is an attempt at explanation of Risk Analysis. The rows are “Impact on Environment”: none, minimal, minor, significant, major, critical The “Likelihood” or “Likely – what is % to happen” is the columns: not likely, low, medium, medium-high, high, will happen. These are not “real” systems in … Read more
Is it better to focus on compliance or a on a framework system? I.e. PCI or HIPAA compliance versus ITIL or COBIT for example. There are more regulations coming so let’s add a couple of the US based ones. SHIELD(Stop Hacks and Improve Electronic Data Security) and CCPA(California Consumer Privacy Act). SHIELD – Stop Hacks … Read more
