Threat Modeling Simplified

Posted by & filed under Content - Highlights and Reviews, information security, Information Technology, IT, Operations, privacy, security, Tech.

by Sari Greene I cringe each time I hear the oft repeated declarations that “every company will be compromised” and that “it isn’t a matter of if, but when”. These statements are the basis of the FUD (fear, uncertainty and doubt) driven cyber sales machine. What is closer to the truth is that Internet connected… Read more »

The Value of CISSP Certification in Cybersecurity Leadership and How to Pass the Exam

Posted by & filed under Business, career advice, Certification & Licensure, Content - Highlights and Reviews, Operations, privacy, security.

By Sari Greene Sari Greene is an information security practitioner and entrepreneur. She is the author of Security Program and Policies: Principles and Practices, 2nd Edition and The CISSP Complete Video Course. What keeps me up at night isn’t the threat actors or the cybercriminals, the newly identified exploit, or even the prospect of every… Read more »

Understanding the OWASP Mobile Top 10 Security Risks

Posted by & filed under Content - Highlights and Reviews, Programming & Development.

Numerous companies are offering solutions to secure mobile devices in the enterprise by supporting a Bring Your Own Device (BYOD) policy inside the government. Yet even the most robust solutions are still unable to protect mobile devices from the large number of cyber threats that they face. This article introduces you to the Open Web… Read more »

Penetration Testing:Tools, Exploits and Learning Resources

Posted by & filed under Content - Highlights and Reviews, Information Technology, Web Development.

Penetration testing is the methodology of assessing real-world security of a network environment through discovering vulnerabilities and, eventually, exploiting them to confirm a potential security threat. The motivation and intent of penetration testing is to simulate a realistic security attack, putting in-place defense mechanism through its paces, to help improve an organizations’ security structure through… Read more »