We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:



Recent Blogs & Podcasts

Insights Portal


August 16, 2018 | Embedded Systems and Internet of Things
By Aaron Turner, IANS Faculty

 Gauge Threats Against City Surveillance Systems

The internet of things (IoT) is often targeted by malicious actors, but what type of threats are most common for city surveillance systems such as red light/speed cameras? In this Ask-an-Expert written response, IANS Faculty Aaron Turner says to watch out for cryptocurrency opportunists, among others.

Read More »

August 15, 2018 | DevOps Organization and Strategy

 DevSecOps Workflow

DevOps is about changing how we think and work to accommodate the scale and speed of today’s cloud-based solutions. This “Shift Left” DevSecOps workflow provides a roadmap for ensuring security teams are also immersed in this new way of thinking and working. 

Read More »

August 15, 2018 | DevOps Organization and Strategy
By Jason Gillam, IANS Faculty

 Shift Left: Drive the Sec into DevSecOps

In the fast-moving world of Agile and DevOps environments, security needs to become an integral part of the continuous integration/continuous delivery (CI/CD) process. In this report, IANS Faculty Jason Gillam examines the tactics and strategies of successful DevSecOps organizations and discusses ways to foster the right organizational mindset to get everyone on the same page.

Read More »

August 14, 2018 | Threats & Incidents

 Phishing/Social Engineering Most Common Causes of POS-System Compromises

Phishing and other social engineering facilitate nearly half (47 percent) of the POS-system compromises investigated by Trustwave. These can happen when administrators don’t properly segregate the cardholder data environment from the rest of the network. Remote access was the second leading cause of POS compromise (23 percent), followed by malicious insiders at 13 percent.

Read More »

August 14, 2018 | Penetration Testing and Red Teaming
By Dave Shackleford, IANS Faculty

 Pros and Cons of Crowdsourced Penetration-Testing

Crowdsourced penetration-testing offers many benefits, not the least of which is the ability to perform more frequent tests to better reflect the dynamic nature of application updates. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford outlines the pros and cons of crowdsourced pen-testing and underscores the need to adopt the right mindset.

Read More »

August 13, 2018 | Threats & Incidents

 Ransomware: Overview of Impact on Users and Downtime

The average number of users impacted in a given ransomware attack was 22, with an average downtime of 14 hours. Those organizations with the most hours of downtime tended to be the mid-market (1000-5000 employees) and enterprise (5000+) organizations.

Read More »

August 13, 2018 | Threat Detection and Hunt Teaming
By John Strand, IANS Faculty,
     Jake Williams, IANS Faculty

 Hacking Back: A Double-Edged Sword

As online attacks continue to grow in frequency and ferocity, some in the security community are making the argument that the bad guys deserve a taste of their own medicine. Enter the notion of hacking back. The concept raises ethical questions, but some experts believe there are valid techniques that can and should be used to defend organizations. In this webinar, IANS Faculty John Strand and Jake Williams explore those techniques, address the ethical questions and help the audience find a happy medium.

Read More »