We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Blogs & Podcasts

200 Results for: "Dave Kennedy"

 


July 18, 2018 | Insider Threats
By Dave Kennedy, IANS Faculty

 Insider Threat Software: Know the Options

Strong insider threat programs require a potent mix of people, processes and technology, but visibility is the most important piece. In this Ask-an-Expert written response, IANS Faculty Dave Kennedy recommends focusing on SIEM, UBA, DLP, EDR and other tool sets, and provides a list of likely vendor candidates.

Read More »


May 14, 2018 | Threat Detection and Hunt Teaming
By Dave Kennedy, IANS Faculty

 Threat Hunting: Why Proactive Matters

Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. In this webinar, IANS Faculty Dave Kennedy explains why threat hunting is important, and how hunt teams can directly increase the overall maturity (and ROI) of your monitoring and detection capabilities. He also details specific methods for detecting abnormal patterns of behavior and other tactics hunters can use to hone their craft.

Read More »


January 12, 2018 | Vulnerability Assessment and Management
By Dave Kennedy, IANS Faculty

 Meltdown and Spectre: What to Do Now

The recently revealed Meltdown and Spectre chip vulnerabilities are leaving many security organizations scrambling to get a fix in place. In this Ask-an-Expert live interaction, IANS Faculty Dave Kennedy explains how attackers can leverage the flaws and why certain devices are more vulnerable than others. He also recommends taking a risk-based approach to patching them.

Read More »


August 23, 2017 | Architecture, Configuration and Segmentation
By Dave Kennedy, IANS Faculty

 Why Jump Servers Are Important

Developers and system administrators may not like using jump servers to access critical resources, but they are an important layer of security, especially when it comes to disrupting lateral movement. In this Ask-an-Expert written response, IANS Faculty Dave Kennedy explains how using - and configuring - jump servers correctly can slow down attackers and help prevent data loss.

Read More »


August 22, 2017 | Penetration Testing and Red Teaming
By Dave Kennedy, IANS Faculty

 Top 10 Ways Penetration Testers Break Into Organizations

Penetration-testers are great at uncovering critical vulnerabilities that give them unfettered access across entire organizations, but did you know that many rely primarily on 10 common (and easily mitigated) exploits? In this Ask-an-Expert written response, IANS Faculty Dave Kennedy details penetration-testers' top go-to methods and offers advice for shutting them down.

Read More »


August 3, 2017 | Managed Security Services
By Dave Shackleford, IANS Faculty,
     Dave Kennedy, IANS Faculty

 How to Vet and Choose the Right MSSP for You

Most MSSPs claim to have the right staff and services in place to meet your every security need, but how can you be sure the one you pick will actually deliver on its promises? In this Ask-an-Expert written response, IANS Faculty Dave Shackleford and Dave Kennedy offer a shortlist of top vendors and offer advice for vetting, choosing, contracting with and managing the right MSSP. 

Read More »


May 22, 2017 | Malware and Advanced Threats
By Dave Kennedy, IANS Faculty

 Dave Kennedy on WannaCry and the Future of Ransomware Attacks

IANS Faculty Dave Kennedy, president and CEO of TrustedSec and frequent guest on major news networks such as CNN and Fox, stops by the IANS studio to review the latest details surrounding the WannaCry attack and offer tips for thwarting future attacks, from disabling SMB-1 to implementing application whitelisting.

Read More »


May 8, 2017 | Endpoints
By Dave Kennedy, IANS Faculty

 Weighing Traditional vs. Next-Gen Endpoint Protection

Traditional endpoint protection platforms (EPPs) like McAfee or Symantec tend to have rich feature sets, but are lagging in newer capabilities. Next-gen endpoint solutions, on the other hand, have cutting-edge features but don't offer a broad range of functionality. In this Ask-an-Expert live interaction, IANS Faculty Dave Kennedy compares the two spaces and offers recommendations for getting the best of both worlds.

Read More »


April 18, 2017 | Penetration Testing and Red Teaming
By Dave Kennedy, IANS Faculty

 Adversarial Simulations - Evolving Penetration Testing

Penetration testing has been given quite a few names over the past few years, including everything from “vulnerability scanning” all the way to “targeted and direct attacks” against organizations. This comes as attacker techniques themselves are shifting based on organizations adding more detection capabilities into their environments. In this webinar, IANS Faculty Dave Kennedy dives into some of the latest attack vectors and discusses why adversarial simulations are some of the most effective methods for building defenses within your organization. 

Read More »