retina

The difference between a vulnerability scanner and a SIEM

by Dave Farquhar
September 23, 2015November 21, 2018

I heard an interesting question the other day: What’s the difference between a vulnerability scanner and a SIEM? Qualys and Nessus are examples of vulnerability scanners. Arcsight and Splunk are examples of SIEMs.

To a security practitioner, the tools couldn’t be much more different, but not everyone is a security practitioner.

On a basic, fundamental level, a vulnerability scanner deals in what’s missing in the environment and what could happen as a result of those things that are missing. A SIEM deals in what actually has happened and is happening.

How to get started in regulatory compliance

by Dave Farquhar
November 27, 2013April 15, 2017

I had a search query about getting started in regulatory compliance, which I’ve written about before, but more from an organizational perspective. That won’t help you much from a career perspective.

I think most any CISSP will answer that question similarly, so I’ll take a stab at it.Read More »How to get started in regulatory compliance

Here’s a nice Linux tool: checkrestart

by Dave Farquhar
March 12, 2013December 5, 2015

Tom Gatermann told me about a nice tool for Debian (and presumably Ubuntu) called checkrestart. Sometimes, even though you did an apt-get update and apt-get upgrade to bring your system up to date, you can still be running the out-of-date version of something. That’s the problem checkrestart helps you solve.

Linus Torvalds is right about “reasonable resolution”

by Dave Farquhar
December 7, 2012November 30, 2018

Linus Torvalds is sick of the gimmicks, and he’s really sick of laptops sporting cheap 720p displays. He wants high-resolution (2560×1600, or even 2048×1536) displays to become standard.

Having seen an Ipad with a 2048×1536 display in person recently, I agree. Read More »Linus Torvalds is right about “reasonable resolution”