Profile cover photo
Profile photo
Tech Contractor
Tech's posts

Post has attachment
CMS Information Security Acceptable Risk Safeguards (ARS) v2.0 to v3.0
CMS Information Security Acceptable Risk Safeguards (ARS) v2.0 to v3.0 CMS has recently moved from ARS v2.0 to v3.0 and have taken off v2.0 from their public website. If you need a copy of moderate ARS v2.0 get it here .

Post has attachment
It is personal: When your life resides in a data center
How many
times did you leave your wallet at a park bench or public transport and slept
soundly knowing your money is in public domain? I guess not a lot of times. Why
is that when our most important health records, personal information and
financial informa...

Post has attachment
How to check if we trust a website
Dax Norman gave a very creative scoring method which could be used to check if a website can be trusted here and below.

Post has attachment
Capabilities of IBM App Scan as a Source code scanning tool I like IBM App Scan as it offers a wide variety of options and is a flexible enterprise tool. The pricing for IBM and HP tools are almost similar and most IT shops will have to invest in such tools...

Post has attachment
Barrier to entry for PCI gap analysis
If a company processes credit cards, and other payment cards they need to show compliance to PCI DSS stardards. PCI gap analysis finds areas where a company does not meet the ~228 PCI DSS security controls/requirements and points out PCI DSS security contro...

Post has attachment
Old exploits new names aka Ghost vulnerabilities in Linux distros
Ghost vulnerability affecting Linux distributions remind us that we need to perform static code analysis and also keep fixing old code. We keep finding memory management exploits in code which should be already been fixed for example glibc. More on this vul...

Post has attachment
DoD Cybersecurity Policy Chart Has Been Updated
The latest information assurance (IA) policy chart looks pretty comprehensive. The latest IA Policy Chart can be found on the CSIAC website here .  As the webpage states " The goal of the DoD Cybersecurity Policy Chart (downloadable via the
hyperlinked ico...

Post has attachment
Dangers of doing business in the global village
IT security small business leaders have to deal with a lot of data points and business decisions everyday. One of those business decisions is new business development and contracts. Whenever IT security business is looking at new business they always come a...

Post has attachment
Why learning assembly language is good for malware analysis
Usually when an attacker/malware author compiles his code using any number of compiled languages they end up with a machine executable format. When an defender/malware analyst wants to disassemble this arcane mumbo jumbo machine executable format into a hum...

Post has attachment
IBM restructuring its business units to bet big on cloud
The VAR guy reports big changes for IBM during 2015 including re-positioning business units for cloud business away from traditional silos of software, hardware and services. More on this here . This will be a fundamental shift in the way traditional IT com...
Wait while more posts are being loaded