Cybersecurity

Tag ∙ 53 posts

Posts

Microsoft to CIOs: Drop Dead

Microsoft’s new advice for securing Active Directory does customers a disservice by focusing on the wrong things. Tomorrow’s “Zero Trust” and Azure roadmaps won’t stop today’s ransomware epidemic. Enterprises need to protect the Active Directory they’ve already got.

7 min read ∙ December 22, 2020

Why CISOs should Care About Cloud Drift

Drift metrics can help measure how well-managed an enterprise’s technology assets are. CISOs can mine data contained in mainstream cloud configuration tools to understand conformance or divergence from expected states.

7 min read ∙ September 25, 2019

The Twenty-Year War on Cybercrime

Digital crime is on the rise. To defeat it, defenders need to scale up, gain the full picture of risk, and heed the lessons of John Boyd.

18 min read ∙ June 6, 2015

The DevOps Security Handbook: Building Security In With Chef, Part III

This third post in a series about security and DevOps describes how to configure web servers with TLS.

21 min read ∙ October 6, 2013

The DevOps Security Handbook: Building Security In With Chef, Part II

This second post in a series about security and DevOps describes how to build hardened server images with Chef.

12 min read ∙ October 3, 2013

The DevOps Security Handbook: Building Security In With Chef, Part I

This first post in a series about security and DevOps describes how to bootstrap development of a virtual test server.

16 min read ∙ October 1, 2013