Watermelon KPI meaning and examples

A former Microsoft executive referenced watermelon KPIs the other day on social media. It’s been a long time since I’ve heard that term, but I see examples of watermelon KPIs frequently. Let’s talk about what watermelon KPIs are, how to recognize them, and why people still love them even though they are bad.

A watermelon KPI is a statistic or metric that looks good, but upon further examination, is actually bad. Like a watermelon, these KPIs are green on the outside, but red on the inside.

Update Windows without rebooting

Of course, saying you can update Windows without rebooting is a bit of a misnomer. Some updates don’t require a reboot, but with the ones that do, there isn’t really any getting around it. You can delay the reboot, but if you never get around to rebooting, you have a partially applied update indefinitely.

But here’s how I used to use delayed reboots to help me get more done in my maintenance window.

What a pocket veto is

A pocket veto is a political term, but it doesn’t strictly apply only to governments. It is also a concept or practice in business politics. It’s something I deal with quite a bit as a security professional.

What a security champion is

October is security awareness month. So before you go spend the remaining 11 months of the year blissfully less aware of what security types like me do, let’s talk about what a security champion is, and the role a security champion plays in the IT organization.

How to read a Qualys scan report

Reading and analyzing a Qualys scan is an underrated skill. Frankly, I see a lot of misuse and abuse surrounding Qualys scans. So let’s talk about how to read and analyze a Qualys scan for the purpose of understanding and solving problems.

You can read it in the user interface, but I recommend exporting a CSV so you can sort and filter. The exact CSV format has changed a bit over the years, so the columns may not be in this exact order. But this will get you started. The most important columns are all here.

Is a SOC analyst a good job

As a security professional, I frequently get questions about security careers. One common topic is the role of SOC analyst. What is a SOC analyst, and is a SOC analyst a good job? Those are fair questions, and not necessarily as straightforward as they first sound.

Remove Unicode and extended ASCII in Notepad++

There have been a number of times in my career where I’ve needed to convert files to plain text. That means plain. No smart quotes, Unicode, extended ASCII characters, or other funny business. Here’s how to use Notepad++ to quickly remove all of these types of characters from a text file. Here’s what to do when your plaintext isn’t plain enough.

Qualys duplicate assets

One of the most frequent problems people ask me about when doing a health check on their vulnerability management program is duplicate assets in Qualys. If you simply run the tool with the defaults, it is definitely possible to end up with duplicate assets. But with a few configuration changes, you can mostly eliminate this problem.

Cyber Kill Chain vs Mitre ATT&CK

The Cyber Kill Chain, developed by Lockheed Martin, and Mitre ATT&CK (pronounced “attack”) are frequently compared, for obvious reasons. Both of them describe how adversaries attack computer networks. So when it comes to Cyber Kill Chain vs Mitre ATT&CK, which is better? It depends on who’s asking.

Update Windows third-party utilities semi-automatically

I used to have and recommend a tool for updating all your third-party software on Windows machines. Unfortunately, that tool went end of life several years ago. But Microsoft, of all people, has a tool that works suitably. Usage is similar to apt or yum on Linux. It’s called Microsoft App Installer, and at the command line, it takes the form of the command winget.

App Installer is a free tool that updates what Windows Update won’t. That means open source apps, but also some third-party apps, and even some difficult-to-update Microsoft apps, like the Visual C++ runtime. It is capable of updating more than 3,000 apps.