Category Archives: Vulnerability Management

What Is A Good Security Program?

What distinguishes a good security program? One of the hardest questions to answer in the Information Security field is whether our security program is good, or not. It’s a question we want to answer for many reasons, not least of … Continue reading

Posted in InfoSec, Penetration Testing, Risk Management, Security, Vulnerability Management | Tagged , , , , , | Leave a comment

Vulnerability Management Re-Visited

I know, boring topic. Just part of IT and Security operations. Nothing sexy here. It’s way more fun to think about how to beat those nasty, mean APT’s, how to detect malware actively on your network, how to do fancy … Continue reading

Posted in InfoSec, Risk Management, Security, Vulnerability Management | Tagged , , , , , , | 1 Comment

The Adobe Breach: Initial Lessons

Now that we’ve had a little time to absorb the impact of the Adobe breach, there’s a few lessons we can learn already. First, a link for those who have been living in a cave and don’t know what I … Continue reading

Posted in InfoSec, Risk Management, Security, Vulnerability Management | Tagged , , , | 20 Comments

Back to Basics …. Again

It appears that the bad guys who exploited Adobe in August, and stole ColdFusion and Adobe (maybe) source code, as well as millions of credit card numbers, used a well known ColdFusion vulnerability. What seems to have happened is that … Continue reading

Posted in BYOD, InfoSec, Security, Vulnerability Management | Tagged , , , , , , , | Leave a comment

A New Adventure

As most people in my personal and professional networks know, I am leaving Providence Health & Services for a new job. But, unless I’ve talked directly with you about it, it’s likely that you don’t know WHERE that new job … Continue reading

Posted in Career, InfoSec, Life and Times, Penetration Testing, Vulnerability Management | Tagged , | 5 Comments