We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Blogs & Podcasts

33 Results for: "Marcus Ranum"

 



August 29, 2018 | Big Data
By Marcus Ranum, IANS Faculty

 AI and ML Demystified

Vendors are all hopping on the artificial intelligence (AI) and machine learning (ML) bandwagon, but how can you cut through the hype and understand how to leverage AI and ML for practical security capabilities? In this report, IANS Faculty Marcus Ranum details exactly where AI and ML stand today, and offers some guidance for determining if/when they can help solve real security problems.

Read More »


June 12, 2018 | Metrics and Reporting
By Marcus Ranum, IANS Faculty

 Create Metrics to Show Security’s Business ROI

Dollar-based metrics may get executives' attention, but are they the right tools to use to promote information security across an organization? In this Ask-an-Expert written response, IANS Faculty Marcus Ranum steps through the process of creating actionable security metrics and suggests focusing on staff time vs. dollars when reporting to top management.

Read More »


May 7, 2018 | Architecture, Configuration and Segmentation
By Marcus Ranum, IANS Faculty

 Network Segmentation: A Primer

Network segmentation helps improve security and resilience to attack, but it's far from easy to implement. In this Ask-an-Expert written response, IANS Faculty Marcus Ranum explains the importance of segmentation and offers tips for successful implementation. 

Read More »


April 18, 2018 | Threat Detection and Hunt Teaming
By Marcus Ranum, IANS Faculty

 Honeypots: Are You Up to the Challenge?

Honeypots have a bad rap in infosec circles, and that's unfortunate. Implemented correctly, honeypots are virtually free tools that can help security easily and quickly pinpoint attackers as they perform reconnaissance or try to move laterally through a network. In this report, we explain what honeypots are, offer some simple ways to build them, and detail their pitfalls and success factors. 

Read More »


April 16, 2018 | Vulnerability Assessment and Management
By Marcus Ranum, IANS Faculty

 Create an Efficient, Effective Bug Bounty Program

Organizations with significant software exposure often consider deploying bug bounty programs to improve quality and better manage vulnerability disclosures, but what's the best way to go about it? In this Ask-an-Expert written response, IANS Faculty Marcus Ranum recommends using an internal (vs. outsourced) process and details the critical components for success.

Read More »


January 31, 2018 | Vulnerability Assessment and Management
By Marcus Ranum, IANS Faculty

 Structure a Low-Profile Bug Bounty Program

While Google's bug bounty program is well designed and provides rich rewards, not every organization can operate at that high level. In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum describes how to build a well-structured, low-profile program that encourages participation using a more realistic reward scale. 

Read More »


December 14, 2017 | Security Policies and Strategy
By Marcus Ranum, IANS Faculty

 Communicate Cybersecurity Vulnerabilities Effectively

Communicating cybersecurity vulnerabilities to customers can sometimes feel like more of an art than a science. In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum offers a clear blueprint for communicating effectively to ensure customers are protected and the organization does not face undue risk.

Read More »


October 18, 2017 | Configuration and Change Management
By Marcus Ranum, IANS Faculty

 Configuration Management: Driving the Future of Security

Strong configuration management not only eases operational tasks like desktop and server deployments, but it also helps improve security, especially as organizations move to newer on-demand and software-defined networking environments. In this report, IANS Faculty Marcus Ranum details the vital role configuration management plays in today's environments, and offers tips for building a comprehensive program that will help drive security well into the future.

Read More »


September 21, 2017 | Threat Detection and Hunt Teaming
By Marcus Ranum, IANS Faculty

 Honeypots: Don’t Bar the Window; Be the Window

One of the best ways to detect someone climbing into your window is to instrument the window. It’s a different way of thinking about the problem of “too many alerts” in your operations center: narrow the alerts down to activities you don’t expect to see occur. In this report, IANS Faculty Marcus Ranum explains how to cut through the noise with targeted alerts and offers tips and tricks to ensure that your honeypot management doesn’t become a nightmare. 

Read More »