Security
Ryan Barnett, Director of Application Security Training at Breach Security, Inc.
Ryan Barnett, Director of Application Security Training at Breach Security, Inc. talks with Stephen Northcutt about the current state of web application security.
Dinis Cruz, Director of Advanced Technology, Ounce Labs
Dinis Cruz, Director of Advanced Technology for Ounce Labs, talks with Stephen Northcutt about the many facets of OWASP, as well as the important questions that need real answers in order to develop secure web applications.
Brian Chess, Chief Scientist for Fortify Software
Brian Chess, Chief Scientist for Fortify Software, talks with Stephen Northcutt about static analysis and other web application security solutions.
Caleb Sima, CTO for SPI Dynamics
Stephen Northcutt interviews Caleb Sima about the development of Caleb's company, SPI Dynamics, and the increasing need for solutions for web application security.
An Interview with David Hoelzer, author of DAD, a log aggregator
An interview with David Hoelzer describing DAD, an open source Windows event log and syslog management tool that allows you to aggregate logs from hundreds to thousands of systems in real time.
A Model for Licensing IT Security
Category: Legal Issues
Paper Added: August 6, 2013
Discovering Security Events of Interest Using Splunk
Category: Logging Technology and Techniques
Paper Added: July 17, 2013
Practical Cyber Security Training Techniques for New IT Support Employees
Category: Best Practices
Paper Added: July 19, 2013
Detecting Security Incidents Using Windows Workstation Event Logs
Category: Logging Technology and Techniques
Paper Added: July 9, 2013
Security Best Practices for IT Project Managers
Category: Best Practices
Paper Added: June 24, 2013
A Practical Social Media Incident Runbook
Category: Incident Handling
Paper Added: June 20, 2013
Web Application Injection Vulnerabilities: A Web App's Security Nemesis?
Categories: Application and Database Security, Securing Code, Security Basics
Paper Added: June 14, 2013
Electronic Medical Records: Success Requires an Information Security Culture
Categories: HIPAA, Compliance
Paper Added: June 5, 2013
Corporate vs. Product Security
Categories: Best Practices, Incident Handling, Security Policy Issues, Management & Leadership
Paper Added: June 3, 2013
Securing BYOD With Network Access Control, a Case Study
Category: Network Access Control
Paper Added: May 23, 2013
Event Monitoring and Incident Response
Categories: Incident Handling, Intrusion Detection
Paper Added: May 15, 2013
Dead Linux Machines Do Tell Tales
Category: GIAC Honors Papers
Paper Added: May 15, 2013
Setting Up a Database Security Logging and Monitoring Program
Category: Application and Database Security
Paper Added: May 10, 2013
Managing the Implementation of a BYOD Policy
Category: Management & Leadership
Paper Added: May 8, 2013
Analysis of the building blocks and attack vectors associated with the Unified Extensible Firmware Interface (UEFI)
Category: Managed Services
Paper Added: May 2, 2013