Filter By:

Recent Blogs & Podcasts



July 24, 2017 | Certifications and Training
By Jason Gillam, IANS Faculty

 Tips for Acing the CISSP Exam

The key to acing the CISSP exam is good preparation. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how the test is organized and scored, and offers tips on study guides, practice tests, answer strategies and more.

Read More »

July 21, 2017 | Mobile Access and Device Management
By Ken Van Wyk, IANS Faculty

 Van Wyk: Security Track Record for iPhone Not an Accident

It’s not just luck. Apple has managed to keep the iPhone (and its iOS brethren) safe from any major malware outbreak for 10 years. Building a multi-faceted security architecture that substantially raises the cost of successful attacks can be extremely effective. 

Read More »

July 21, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 Full Disk Encryption: Some Keys to Success

Full disk encryption is the best way to protect data at rest, but not all implementations are equally secure. In this Ask-an-Expert written response, IANS Faculty Aaron Turner highlights key regulatory and technology issues to consider, and provides tips for getting the deployment right.

Read More »

July 20, 2017 | AppDev Frameworks
By Dave Shackleford, IANS Faculty

 Container Security Best Practices

Ensuring containers like Docker remain secure is critical, because any missed issues may end up propagating throughout an environment. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford offers some tips and best practices for deploying containers securely. 

Read More »

July 18, 2017 | AppDev Frameworks
By Jason Gillam, IANS Faculty

 Agile, DevOps and Security: A Primer

As more organizations adopt DevOps and Agile development methodologies, security needs to both understand and participate in the transition. In this Ask-an-Expert written response, IANS Faculty Jason Gillam provides an overview of Agile and DevOps, as well as tips for ensuring security is seamlessly integrated and aligned in the process going forward.

Read More »

July 17, 2017 | Incident Response Planning
By Marcus Ranum, IANS Faculty

 Best Practices for Dynamic Business Unit Isolation

When malware strikes, many companies rush to isolate their critical business units from potentially infected corporate resources, but what are the best ways to go about this? In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum suggests scaling the separation level to match the threat, and pre-positioning key tools to ease after-separation monitoring and response.

Read More »

July 15, 2017 | Networking and Network Devices
By Chris Gonsalves, IANS Director of Technology Research

 Patch Now: Cisco Closes Nine Serious SNMP Holes in IOS, IOS-XE

Cisco Systems this week issued patches for a series of critical SNMP vulnerabilities in its popular IOS and IOS-XE network infrastructure software. The nine publicly disclosed security flaws could enable an unauthenticated attacker to run remote code on – or take complete control of – target systems

Read More »

July 14, 2017 | Endpoints
By Marcus Ranum, IANS Faculty

 Navigate the Changing Landscape of ‘Next-Gen’ Antivirus and Endpoint Protection

From OSX to iOS and Windows XP to Windows 10, there is a very broad expanse of territory that has to be covered from an endpoint security perspective these days. In this report, IANS Faculty Marcus Ranum offers suggested investments in endpoint security over the next 24 months, and gives tips for evaluating all of the new “next-gen AV” products on the market today. 

Read More »