Filter By:

Recent Blogs & Podcasts



April 7, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q1 2017

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »

April 7, 2017 | Password Management
By IANS Faculty, IANS Faculty

 Poll: What Are the Best Password Strategies?

Password guidelines seems to change all the time. With new recommendations from NIST and vendors like Microsoft cropping up, how can enterprises determine the best approach? In this Faculty Viewpoint report, IANS Faculty Rich Guida, John Galda, Jason Gillam, Kevin Beaver, Marcus Ranum and Stephen McHenry offer their opinions and some rules of thumb for creating strong, enforceable password policies.

Read More »

April 7, 2017 | Endpoints
By Dave Shackleford, IANS Faculty

 Choosing the Right Endpoint Security Solution for a Virtualized Environment

When it comes to protecting endpoints in a virtualized environment, how important is antivirus (AV) at the hypervisor and host level? In this Ask-an-Expert written response, IANS Faculty Dave Shackleford provides an overview of the virtualization-ready endpoint security solution market and suggests focusing on next-generation capabilities vs. AV going forward.

Read More »

April 5, 2017 | Wireless Networks
By Paul Asadoorian, IANS Faculty

 Detecting Rogue Wireless Access Points

Rogue wireless access points (WAPs) are a known attack vector, but correctly detecting and identifying them amid the noise of different wireless networks and protocols can be difficult. In this Ask-an-Expert written response, IANS Faculty Paul Asadoorian steps through the process of detecting rogue WAPs, including those impersonating corporate SSIDs.

Read More »

April 5, 2017 | Risk Management
By Rich Guida, IANS Faculty

 Creating an Effective IDAM Governance Committee

Planning an optimal identity and access management (IDAM) strategy requires participation and buy-in from a variety of stakeholders, including HR, legal and more. In this Ask-an-Expert written response, IANS Faculty Rich Guida offers recommendations for creating the right membership, rules and processes for a strong IDAM governance committee.

Read More »

April 3, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q1 2017

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »

March 31, 2017 | DevOps Organization and Strategy
By Michael Pinch, IANS Faculty

 Making Threat Modeling an Integral Part of the Development Process

Threat modeling is a critical part of the mature software delivery process, especially in DevOps environments, but ensuring it's integrated effectively and seamlessly can be tricky. In this Ask-an-Expert written response, IANS Faculty Mike Pinch offers some tips for inserting threat modeling into the development process, along with some key tools to consider.

Read More »