What does secured mean for Internet access?


Both Windows and your web browser go out of their way to tell you if your Internet connection is secured, or not secured. Secured certainly sounds better than not secured. But what does secured mean for Internet access? Let’s talk about it.

“Secured” is a friendly word to say your network connection is encrypted. But what that means, exactly, depends on whether it’s your web browser or your operating system saying the connection is secure. The most important thing to remember is that in this case, your browser can compensate for Windows, but Windows can’t compensate for the browser.


Confirmed vs potential vulnerabilities in Qualys

When you’re looking at a vulnerability scan, you may find several types of line items on the report. Two of them are confirmed and potential vulnerabilities. Let’s take a look at confirmed vs potential vulnerabilities in Qualys.

Potential vulnerabilities are incomplete, in that they show an indication of vulnerability, but not enough for Qualys to confirm it. Confirmed vulnerabilities are more reliable, as Qualys was able to pinpoint a vulnerable file or setting on the system. In some scan results, Qualys refers to potential vulnerabilities as “practice.” As far as Qualys is concerned, practice and potential are interchangeable terms.


Is USB blocking misguided security?

Blocking USB ports on corporate computers certainly is an inconvenience. But it’s something many companies do in the name of security. The question is, is USB blocking misguided security? Does it solve a problem, or just create others?

There are serious security concerns with USB devices, besides the danger of people copying huge troves of corporate data onto a USB stick and taking that information with them. That’s why many companies, and the government, limit what you can use USB for, or sometimes block it completely.


What a buffer overflow looks like


Once you know what to look for, a buffer overflow is almost as easy to spot as it is to understand. So here’s what a buffer overflow looks like, whether you’re looking at suspicious network traffic or a suspicious file on disk.

The tell-tale signature of a buffer overflow exploit is a long sequence of NOP instructions (a NOP sled) followed by machine code. The long run of NOPs is the giveaway, but disassembling the data that follows will verify it: if it doesn’t disassemble to gibberish, you found a buffer overflow.


How does Kenna Security work?

Kenna Security is a vulnerability management tool you may have heard of but never used. I find it exceptionally useful, though that opinion isn’t universal. So how does Kenna Security work, and how can you make it work better?

Kenna Security is not a vulnerability scanner. It works with your existing scanner to enrich the data and make recommendations. This makes it distinct from a vulnerability scanner like Qualys’ flagship product. Using that enriched data to make decisions is key to success with Kenna.


Making an example of Equifax


Slate’s Josephine Wolff argues that you have a moral imperative to claim $125 from Equifax as part of their breach settlement. Preventing the kinds of things that happened to Equifax is what I’ve done for a living for the bulk of my career. So here’s why I agree with her argument in favor of making an example of Equifax.

Most companies, in my experience, do patch management and vulnerability management on the cheap and write off the consequences as a cost of doing business. The cost of not doing it right needs to be high enough to get them to spend enough on tools and personnel to get the job done. And as the guy who pushed the patches for 9 years and then shifted in 2014 to being the guy who coaches the patch-pushers, I have a pretty good idea what it takes to do the job right.


A+ vs Security+


CompTIA positions A+ as a precursor to Security+, but it’s not necessary to have both certifications. It can be helpful, but whether you need one or both depends on what you want to specialize in. And that’s really what it comes down to in A+ vs Security+: area of specialty.

A+ is a certification that covers computer hardware and operating systems, intended for technicians and system administrators. Security+ is an entry-level security certification, and the overlap between the two may not be obvious.


Why does the government require CISSP or Security+?


Why does the government require CISSP or Security+ for certain jobs? While requiring people to pass a test can cause problems, I’ve seen it solve bigger problems.

Certification tests establish a baseline set of knowledge that a person filling a role has mastered. They provide a standard, repeatable, and objective third-party measure of a person’s qualifications, even if it’s possible to game the system.


Should I install updates on my computer?


I was talking with an insurance adjuster when he asked me what I do for a living. I explained that I help companies make sure they’re doing a good enough job of updating their computers. That visibly disturbed him. “So should I install updates on my computer or not?” he asked.

Security experts agree that installing updates on your computer is one of the top three things, if not the most important thing, you can do to protect your security and privacy. It’s also one of the easiest and most practical things home users can do.
