What manual testing is in security

The SANS vulnerability management maturity model has an entire section on manual testing. That may not be a phrase you hear very often because there are several types of manual tests. So what is manual testing in security?

Manual testing is a form of security testing: looking for security vulnerabilities in a non-automated or, at most, semi-automated fashion. It is not the same as the vulnerability scanning one does with tools like Nessus or Qualys.

Watermelon KPI meaning and examples

A former Microsoft executive referenced watermelon KPIs the other day on social media. It’s been a long time since I’ve heard that term, but I see examples of watermelon KPIs frequently. Let’s talk about what watermelon KPIs are, how to recognize them, and why they are bad even though people still love them.

A watermelon KPI is a statistic or metric that looks good, but upon further examination, is actually bad. Like a watermelon, these KPIs are green on the outside, but red on the inside.

Update Windows without rebooting

Of course, saying you can update Windows without rebooting is a bit of a misnomer. Some updates don’t require a reboot, but with the ones that do, there isn’t really any getting around it. You can delay the reboot, but if you never get around to rebooting, you have a partially applied update indefinitely.

But here’s how I used to use delayed reboots to help me get more done in my maintenance window.
