We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Faculty Reports 



June 7, 2018 | Threat Intelligence and Modeling
By Michael Pinch, IANS Faculty

 Threat Intel: From Feed Frenzy to ROI

Fostering good, actionable threat intelligence doesn't have to be complicated. In this report, IANS Faculty Michael Pinch details practical ways to improve your threat intelligence capabilities and ensure your threat intelligence investments reap a real-life return. 

Read More »


May 23, 2018 | Threat Detection and Hunt Teaming
By Ondrej Krehel, IANS Faculty

 Mature Your Threat Hunting Program

How sophisticated is your threat hunting program? No matter your level, the key to success is in collecting and analyzing the right data sets with the right tools, people and processes. In this report, IANS Faculty Ondrej Krehel explains the different levels of threat hunting maturity and offer tips for moving up the scale and incrementally improving your program.

Read More »


May 2, 2018 | Vulnerability Assessment and Management
By Dave Shackleford, IANS Faculty

 Vulnerability Management in a Post-Equifax World

After the Equifax debacle, upper management cares now more than ever before about vulnerability management. How can you use this new spotlight to take your program to the next level? In this report, IANS Faculty Dave Shackleford explains how to drive the right incentives, build the right metrics framework and get IT on board  for a successful, comprehensive vulnerability/patch management program. 

 

Read More »


April 25, 2018 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Balancing Risk and Reward in IoT Security

Enterprises are scrambling to leverage IoT to gain market share and grow revenues, but can they address IoT's risks at the same speed and scale? In this report, IANS Faculty Chris Poulin discusses how to leverage a mix of existing and emerging infrastructure controls to build both a short- and long-term enterprise security strategy for IoT.

Read More »


April 18, 2018 | Threat Detection and Hunt Teaming
By Marcus Ranum, IANS Faculty

 Honeypots: Are You Up to the Challenge?

Honeypots have a bad rap in infosec circles, and that's unfortunate. Implemented correctly, honeypots are virtually free tools that can help security easily and quickly pinpoint attackers as they perform reconnaissance or try to move laterally through a network. In this report, we explain what honeypots are, offer some simple ways to build them, and detail their pitfalls and success factors. 

Read More »


April 11, 2018 | Threat Intelligence and Modeling
By Bill Dean, IANS Faculty

 Make Sense of Your Threat Intel

With all the threat feeds and intelligence sources out there, how can you choose – and use – the right ones for your specific infosec program and use cases? In this report, IANS Faculty Bill Dean offers practical tips for choosing the right feeds, integrating the data and ensuring you successfully leverage threat intel to proactively detect/prevent attacks.

Read More »


April 10, 2018 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q1 2018

Vulnerabilities and breaches are mainstream news regularly. With a new vulnerability seemingly discovered daily, which should be taken more seriously (i.e., patch now!) and which are overhyped? In this quarterly research report, IANS Faculty Mike Saurbaugh updates clients on the top vulnerabilities and breaches from the past quarter and provides some real-world context and perspective.

Read More »


April 4, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q1 2018

As organizations continue to move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


April 3, 2018 | Budgeting

 Winning the Battle of the Budget

Our Winning the Battle of the Budget research began with two goals: Determine key obstacles (or battlefronts) in enterprise security budgeting, and identify methods and best practices used by successful infosec leaders to grease the budget skids. What we discovered along the way is an uneven battlefield, a place where winning and losing is tied to infosec support across the organization. Regardless of size, maturity or corporate heft, the approach to security budgeting looks different in organizations that inherently value information security and those that do not.

Read More »