The following excerpt is a thread from a discussion on LinkedIn in the Information Security Community group. Question: How can a young professional convince startups that InfoSec is needed? And then get them to hire him? I am currently studying InfoSec Management and I am looking to get a job…
- Create an EC2 that runs Chrome for sandboxed websurfing
- Check Multiple AWS S3 Buckets for Missing Default Encryption
- The Equifax Data Breach and the Apache Struts Vulnerability
- Test Early, Test Often
- Linux Hardening
- Information Security at Startup Companies
- Timestamp bash_history with every command
- Has SHA-1 been hacked?
Time is running out to save 50% off the new SANS course on Cloud & Enterprise Vulnerability Management. Join Jonathan and me in Arlington, VA to discuss how to succeed in your VM efforts in your enterprise and as you move to the Cloud.… https://t.co/bVWSUd03Yd
Scott Piper @0xdabbad00
😱 If an AWS IAM user is phished, the cookies allow access to be maintained despite changing the password, logging out, or changing MFA. Only defense is DenyAll the user for 12 hours until the cookies expire. Great find @SpenGietz ! https://t.co/y1btgv0BDq
Cloud security fundamentals, critical concepts of cloud policy & governance for security professionals #SEC545: Cloud Security Architecture & Operations @KennethGHartman #SANSRockyMountain
@KennethGHartman Great Class! @SANSInstitute #SEC545
Joe Sullivan @_JoeSullivan
Client: we want a pen test.
Me: you don’t have a security program, incident response program, security team, or any monitoring to speak of. Let’s assess what you need to build and then test an actual security program that’s in place.
Client: we really want a pen test