21 Results for: "Jason Gillam"

 



October 31, 2017 | Application Development and Testing
By Jason Gillam, IANS Faculty

 When to Trust Docker Images

Docker image security comes down to finding the right balance between trust and risk. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains why some Docker images (such as those in the official Docker repository) are more trustworthy than others.  



October 4, 2017 | Security Awareness, Phishing, Social Engineering
By Jason Gillam, IANS Faculty

 Match Your Phishing Program to Your Maturity Level

The tools and processes used within a typical phishing program differ according to each organization's overall level of security awareness. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains what a typical phishing program should look like at each stage of maturity.



August 10, 2017 | Application Development and Testing
By Jason Gillam, IANS Faculty

 Take a Hybrid Approach to Testing Modern Web and Mobile Applications

Many organizations are considering completely automating their web and mobile application testing, but the increasing complexity of application technology stacks is testing the limits of such automation. In this report, IANS Faculty Jason Gillam recommends taking a hybrid approach to application testing and explains which testing activities should be done manually instead. 



July 24, 2017 | Certifications and Training
By Jason Gillam, IANS Faculty

 Tips for Acing the CISSP Exam

The key to acing the CISSP exam is good preparation. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how the test is organized and scored, and offers tips on study guides, practice tests, answer strategies and more.



July 18, 2017 | AppDev Frameworks
By Jason Gillam, IANS Faculty

 Agile, DevOps and Security: A Primer

As more organizations adopt DevOps and Agile development methodologies, security needs to both understand and participate in the transition. In this Ask-an-Expert written response, IANS Faculty Jason Gillam provides an overview of Agile and DevOps, as well as tips for ensuring security is seamlessly integrated and aligned in the process going forward.



July 11, 2017 | Software Development Lifecycle (SDLC)
By Jason Gillam, IANS Faculty

 Get Up to Speed on the Agile SDLC

Shifting from Waterfall to Agile can be frustrating for security teams that aren't well versed in Agile's nuances. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains the philosophy behind Agile, details the SDLC and shows how it can be used to improve software security over time. 



June 9, 2017 | Penetration Testing and Red Teaming
By Jason Gillam, IANS Faculty

 Add Phishing to Your Red Team’s Playbook

While phishing can be a good way to gain an initial foothold in a target network, some red team phishing attempts are more successful than others. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how to get the most from some common phishing tools and offers tips for crafting successful phishing attacks.



May 12, 2017 | Application Development and Testing
By Jason Gillam, IANS Faculty

 Outsourcing Application Security Testing

Outsourcing dynamic application security testing (DAST), especially since it involves automated tools like AppScan and Burp, should be relatively straightforward. That is, until you consider the importance of the human element. In this Ask-an-Expert live interaction, IANS Faculty Jason Gillam suggests staff augmentation and developer training as more cost-effective and efficient ways to free up internal staff.



March 9, 2017 | AppDev Frameworks
By Jason Gillam, IANS Faculty

 Deploying Containers Securely

Developers love containers because they are quick, simple to use and allow for easier scaling of hardware resources, but few pay much attention to the security issues they present. With containers in the mix, how can security organizations ensure their developers aren’t continually copying and pasting security issues across the environment? In this report, IANS Faculty Jason Gillam steps you through the worst of the pitfalls to ensure your organization rolls out more secure containerized solutions.
