Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Ask-an-Expert 



February 15, 2018 | DevOps Organization and Strategy
By Dave Shackleford, IANS Faculty

 Best Practices in Container Security

While many organizations are deploying containers for all kinds of applications, few fully understand - and implement - strong container security today. In this Ask-an-Expert live interaction, IANS Faculty Dave Shackleford recommends ways to secure the underlying platform and ensure the integrity of repositories, in addition to other best practices.

Read More »


February 13, 2018 | Security Analytics and Visualization
By John Strand, IANS Faculty,
     Aaron Turner, IANS Faculty

 Cut Through the AI/ML Hype

Vendors across the board are touting artificial intelligence and machine learning as the next big thing in security, but how practical is it for today's enterprises? In this Ask-an-Expert live interaction, IANS Faculty John Strand and Aaron Turner discuss the current state of the technology and offer practical ways to assess vendor offerings.

Read More »


February 8, 2018 | Encryption, Digital Signatures, Certificates, Tokenization
By Dave Shackleford, IANS Faculty

 Best Practices in Secrets Management

Keeping secrets like passwords, private SSH keys, certificates and API tokens safe requires more than just a secure data store. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford steps you through the tools and processes for ensuring all your secrets stay secret.

Read More »


February 7, 2018 | Business Productivity
By Aaron Turner, IANS Faculty

 Choose a Secure Executive Portal

Executive portals and board books must be both easy enough for top execs to use and secure enough to keep board-level information safe. In this Ask-an-Expert written response, IANS Faulty Aaron Turner considers the pros and cons of three offerings: Boardvantage, Diligent and BoardPad.

Read More »


February 6, 2018 | Security Information and Event Management (SIEM) and Log Management
By Justin Searle, IANS Faculty

 Strike the Right Balance When Logging Windows Events

Deciding what to log - and what not to log - is more of art than a science. In this Ask-an-Expert written response, IANS Faculty Justin Searle recommends starting with regulatory requirements and Microsoft's audit policy recommendations, as well as using the Suspect subscription to ensure  Windows event logs stay manageable and actionable.

Read More »


February 5, 2018 | Vendor and Partner Management
By Aaron Turner, IANS Faculty

 Understand and Manage Offshore Contractor Risk

Using offshore contractors in countries like India presents a host of risks, beyond those faced when working with U.S.-based third parties. In this Ask-an-Expert written response, IANS Faculty Aaron Turner urges companies to focus on both geopolitical and human risk factors when choosing an overseas partner.

Read More »


February 1, 2018 | Firewalls, NGFW
By Aaron Turner, IANS Faculty

 Address SSL Inspection Privacy and Performance Concerns

Most organizations agree that inspecting SSL traffic is critical to detecting and preventing all kinds of malware, but many let privacy and performance concerns hold them back from implementing the feature. In this Ask-an-Expert written response, IANS Faculty Aaron Turner offers practical steps for implementing SSL inspection without adversely impacting user privacy or application performance.

Read More »


January 31, 2018 | Vulnerability Assessment and Management
By Marcus Ranum, IANS Faculty

 Structure a Low-Profile Bug Bounty Program

While Google's bug bounty program is well designed and provides rich rewards, not every organization can operate at that high level. In this Ask-an-Expert live interaction, IANS Faculty Marcus Ranum describes how to build a well-structured, low-profile program that encourages participation using a more realistic reward scale. 

Read More »