Filter By:

Type

Topic

Recent Blogs & Podcasts

164 Results for: "Dave Shackleford"

 



February 15, 2018 | DevOps Organization and Strategy
By Dave Shackleford, IANS Faculty

 Best Practices in Container Security

While many organizations are deploying containers for all kinds of applications, few fully understand - and implement - strong container security today. In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford recommends ways to secure the underlying platform and ensure the integrity of repositories, in addition to other best practices.

Read More »


February 8, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Dave Shackleford, IANS Faculty

 Best Practices in Secrets Management

Keeping secrets like passwords, private SSH keys, certificates and API tokens safe requires more than just a secure data store. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford steps you through the tools and processes for ensuring all your secrets stay secret.

Read More »


January 4, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q4 2017

As organizations continue to move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


December 11, 2017 | Security Policies and Strategy
By Dave Shackleford, IANS Faculty

 Create a Practical, Scalable Cloud Policy

As organizations start moving quickly to the cloud, getting the right cloud governance structure in place becomes paramount. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford provides key considerations, sample language and optimal processes for ensuring your cloud policies will be workable both today and over the long term.

Read More »


November 20, 2017 | Security Awareness, Phishing, Social Engineering
By Dave Shackleford, IANS Faculty

 Defend Your Internal Phishing Campaign to Upper Management

Security teams know internal phishing programs are important, but how can they prove that to others in the organization? In this Ask-an-Expert written response, IANS Faculty Dave Shackleford explains how internal phishing campaigns help validate other security controls and offers multiple stats to prove their benefits, including the fact that simulated phishing attacks yield an average ROI of 37 percent.

Read More »


November 2, 2017 | Security Operations Centers (SOCs)
By Dave Shackleford, IANS Faculty

 SOC Year 1: Set Realistic Expectations

Most organizations struggle to understand what a mature security operations center (SOC) should look like, let alone a fairly new one. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford details some key metrics to track and some realistic expectations to set for the SOC's first year.

Read More »


October 25, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 Hybrid Cloud Security: Know the Fundamentals

While hybrid clouds offer more visibility and control than cloud-only environments, they also require smart architecture and security designs to keep data safe and the business as a whole up and running. In this report, IANS Faculty Dave Shackleford details the key fundamentals of hybrid cloud security, including automation, continuous monitoring and shift-left strategies designed to ensure your hybrid cloud workloads remain secure today - and over time. 

Read More »


October 12, 2017 | Threat Intelligence and Modeling
By Dave Shackleford, IANS Faculty

 For Automated Testing Tool Success, Focus on Process and Measurement

Automated testing tools can help shore up defenses while freeing up staffers from mundane tasks, but they must be implemented properly. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford offers tips for putting the right procedures, metrics and management processes in place for deploying tools like Veridian, AttackIQ and SafeBreach. 

Read More »


October 5, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q3 2017

As organizations continue to move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »