
Recent Blogs & Podcasts

21 Results for: "Jason Gillam"

 



October 31, 2017 | Application Development and Testing
By Jason Gillam, IANS Faculty

 When to Trust Docker Images

Docker image security comes down to finding the right balance between trust and risk. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains why some Docker images (such as those in the official Docker repository) are more trustworthy than others.  



October 4, 2017 | Security Awareness, Phishing, Social Engineering
By Jason Gillam, IANS Faculty

 Match Your Phishing Program to Your Maturity Level

The tools and processes used within a typical phishing program differ according to each organization's overall level of security awareness. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains what a typical phishing program should look like at each stage of maturity.



August 10, 2017 | Application Development and Testing
By Jason Gillam, IANS Faculty

 Take a Hybrid Approach to Testing Modern Web and Mobile Applications

Many organizations are considering completely automating their web and mobile application testing, but the increasing complexity of application technology stacks is testing the limits of such automation. In this report, IANS Faculty Jason Gillam recommends taking a hybrid approach to application testing and explains which testing activities should be done manually instead. 



July 24, 2017 | Certifications and Training
By Jason Gillam, IANS Faculty

 Tips for Acing the CISSP Exam

The key to acing the CISSP exam is good preparation. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how the test is organized and scored, and offers tips on study guides, practice tests, answer strategies and more.



July 18, 2017 | AppDev Frameworks
By Jason Gillam, IANS Faculty

 Agile, DevOps and Security: A Primer

As more organizations adopt DevOps and Agile development methodologies, security needs to both understand and participate in the transition. In this Ask-an-Expert written response, IANS Faculty Jason Gillam provides an overview of Agile and DevOps, as well as tips for ensuring security is seamlessly integrated and aligned in the process going forward.



July 11, 2017 | Software Development Lifecycle (SDLC)
By Jason Gillam, IANS Faculty

 Get Up to Speed on the Agile SDLC

Shifting from Waterfall to Agile can be frustrating for security teams that aren't well versed in Agile's nuances. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains the philosophy behind Agile, details the SDLC and shows how it can be used to improve software security over time. 



June 9, 2017 | Penetration Testing and Red Teaming
By Jason Gillam, IANS Faculty

 Add Phishing to Your Red Team’s Playbook

While phishing can be a good way to gain an initial foothold in a target network, some red team phishing attempts are more successful than others. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how to get the most from some common phishing tools and offers tips for crafting successful phishing attacks.



May 12, 2017 | Application Development and Testing
By Jason Gillam, IANS Faculty

 Outsourcing Application Security Testing

Outsourcing dynamic application security testing (DAST), especially since it involves automated tools like AppScan and Burp, should be relatively straightforward. That is, until you consider the importance of the human element. In this Ask-an-Expert live interaction, IANS Faculty Jason Gillam suggests staff augmentation and developer training as more cost-effective and efficient ways to free up internal staff.



April 7, 2017 | Password Management
By IANS Faculty, IANS Faculty

 Poll: What Are the Best Password Strategies?

Password guidelines seem to change all the time. With new recommendations from NIST and vendors like Microsoft cropping up, how can enterprises determine the best approach? In this Faculty Viewpoint report, IANS Faculty Rich Guida, John Galda, Jason Gillam, Kevin Beaver, Marcus Ranum and Stephen McHenry offer their opinions and some rules of thumb for creating strong, enforceable password policies.
