We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Threats & Vulnerabilities 



August 14, 2018 | Penetration Testing and Red Teaming
By Dave Shackleford, IANS Faculty

 Pros and Cons of Crowdsourced Penetration-Testing

Crowdsourced penetration-testing offers many benefits, not the least of which is the ability to perform more frequent tests to better reflect the dynamic nature of application updates. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford outlines the pros and cons of crowdsourced pen-testing and underscores the need to adopt the right mindset.

Read More »


August 13, 2018 | Threat Detection and Hunt Teaming
By John Strand, IANS Faculty,
     Jake Williams, IANS Faculty

 Hacking Back: A Double-Edged Sword

As online attacks continue to grow in frequency and ferocity, some in the security community are making the argument that the bad guys deserve a taste of their own medicine. Enter the notion of hacking back. The concept raises ethical questions, but some experts believe there are valid techniques that can and should be used to defend organizations. In this webinar, IANS Faculty John Strand and Jake Williams explore those techniques, address the ethical questions and help the audience find a happy medium.

Read More »


July 24, 2018 | Malware and Advanced Threats
By Jake Williams, IANS Faculty

 Take a Clear-Eyed Approach to Ransomware

As ransomware incidents become increasingly common, most organizations realize they need to better tailor their incident response strategies. In this Ask-an-Expert live interaction, IANS Faculty Jake Williams offers tips on buying cryptocurrency, engaging a middleman for negotiations, setting up an optimal backup strategy and countering the "CSI Effect."

Read More »


July 18, 2018 | Insider Threats
By Dave Kennedy, IANS Faculty

 Insider Threat Software: Know the Options

Strong insider threat programs require a potent mix of people, processes and technology, but visibility is the most important piece. In this Ask-an-Expert written response, IANS Faculty Dave Kennedy recommends focusing on SIEM, UBA, DLP, EDR and other tool sets, and provides a list of likely vendor candidates.

Read More »


July 17, 2018 | Authentication
By Michael Pinch, IANS Faculty

 Blockchain as an Infosec Strength and Weakness

As crypto currency trading grows more popular, people are hearing a lot about how the Blockchain is key to making it all work. Meanwhile, security experts are talking more about the technology as a defensive asset and, if abused, a dangerous threat vector. In this webinar, IANS Faculty Michael Pinch walks through how Blockchain came about, how it works and how it’s central to managing digital currency transactions. He also reviews how it can be used to bolster security, how the bad guys can exploit it to launch attacks, and what organizations can do to protect themselves.

Read More »


July 10, 2018 | Business Productivity
By Michael Pinch, IANS Faculty

 Tag External Email Efficiently and Effectively

Many organizations are considering tagging external email as way to raise awareness for internal users, but what is the best way to go about it? In this live Ask-an-Expert interaction, IANS Faculty Michael Pinch recommends some best practices but also suggests using tools like SPF, DKIM and DMARC for added security. 

Read More »


July 6, 2018 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q2 2018

Vulnerabilities and breaches are mainstream news regularly. With a new vulnerability seemingly discovered daily, which should be taken more seriously (i.e., patch now!) and which are overhyped? In this quarterly research report, IANS Faculty Mike Saurbaugh updates clients on the top vulnerabilities and breaches from the past quarter and provides some real-world context and perspective.

Read More »


June 21, 2018 | Vulnerability Assessment and Management
By Kevin Beaver, IANS Faculty

 Best Practices in Database Vulnerability Management

Beyond data encryption and access monitoring, how can organizations ensure the data within their SQL Server, DB2 and Oracle databases are secure? In this Ask-an-Expert written response, IANS Faculty Kevin Beaver recommends performing authenticated vulnerability scans in addition to implementing in-depth penetration testing, monitoring and other controls.

Read More »