It’s always tricky to write about “top trends,” especially in information security, given that things are always in a state of flux. Yet I still can’t help but think about several key areas that you and I must keep our eyes on as we move…
Author Archives: Kevin Beaver
How Your Web Presence is Throwing You Out Of Compliance
Don’t you hate it when you’re chugging along, minding your own business, doing what you believe to be the right things in business, then whammo, an oversight catches you off guard? Take, for instance, a compliance violation that comes up during a routine audit. The…
The Disconnect between IT Security Audit and Software Developers
IT security auditors, whether they’re in-house or external, are forming stronger relationships with IT and security staff. They have to in order to effectively perform their audits. It’s good for the auditor, IT staff, and the business as a whole. When everyone’s on the same…
Top 10 Insider Threats and How to Protect Yourself
The Edward Snowden incident highlights the dangers that an organization could be exposed to due to insiders with ill intent. You know, the very people you’ve entrusted with the organization’s well-being and have assumed to this point that everything they do is on the up…
Lessons Learned From A Web Security Breach
There’s a lot of focus on proactive security testing and rightly so. It’s the best way to stay out of hot water. But what happens when the going gets tough and you end up missing a vulnerability that leads to a web security breach? There’s…
Application Security Calls For A Proactive Approach
Error! That’s something we don’t have much room for in application security. Yet we leave so much to chance. The only reasonable way to find the flaws that matter – and to keep up – is to use automated tools and processes wherever possible. Numerous…
Top 5 Common Network Security Vulnerabilities that Are Often Overlooked
Your network security is just as important as securing your web site and related applications. Networks, because of the sensitive data they usually give access to, are one of the most targeted public faces of an organization. Here are the top 5 network security vulnerabilities…
Understanding the value of the OWASP Top 10 2013
Find out how IT security professionals can benefit from the free resources available from the OWASP Top 10 2013 List of Risks. As IT security professionals we certainly have our fair share of information available to simplify the work we do. There’s the CVE dictionary,…
Responding to DoS attacks at the web layer
Are you ready to respond to DoS attacks at the web layer? In this article, Kevin Beaver shares an anecdote from his own experience whilst highlighting some important steps to take. First things first; responding to DoS attacks at the web layer starts with ensuring…