NopSec

OCTOBER 21, 2022

Over the past two decades, Lisa has advised Fortune 500 enterprises on data security, privacy and technology risk management, and led many diverse teams at Ally Financial (GMAC), KPMG, and Blue Cross Blue Shield. Topics discussed: How Kyle kicked off his consulting and podcasting career through cold outreach.

Technology 52

Technology Cybersecurity Risk 52

NopSec

SEPTEMBER 30, 2022

Over the past two decades, Lisa has advised Fortune 500 enterprises on data security, privacy and technology risk management, and led many diverse teams at Ally Financial (GMAC), KPMG, and Blue Cross Blue Shield. In this episode, we are joined by Yabing Wang, the CISO at Justworks.

CISO 52

CISO Technology Education Marketing 52

NopSec

SEPTEMBER 9, 2022

Over the past two decades, Lisa has advised Fortune 500 enterprises on data security, privacy and technology risk management, and led many diverse teams at Ally Financial (GMAC), KPMG, and Blue Cross Blue Shield.

Advertising 52

Advertising Technology Marketing Media 52

NopSec

OCTOBER 7, 2022

Over the past two decades, Lisa has advised Fortune 500 enterprises on data security, privacy and technology risk management, and led many diverse teams at Ally Financial (GMAC), KPMG, and Blue Cross Blue Shield.

Cyber Insurance 52

Cyber Insurance Technology Insurance Engineering 52

McAfee

MARCH 2, 2021

By using both the tactics and perspectives from red and blue teams it is possible to conquer and understand these previously unknown packets. A red team’s purpose may be to look for vulnerabilities, while a blue team may be more interested in detecting or flagging unusual behavior in this traffic.

Hacking 98

Hacking Technology IoT Cybersecurity 98

CyberSecurity Insiders

MARCH 21, 2021

Red and Blue Team exercises, threat hunting, and pen testing also add to the allure of the exciting security practitioner profession. These topics, as well as endless meetings to explain password security and risk management can suck the enthusiasm out of the most passionate security advocate.

Healthcare 118

Healthcare Technology Cybersecurity Engineering 118

Security Boulevard

MARCH 19, 2021

The topic on SOC automation is really a fun one to think about, and even after putting my thoughts into words with my last post , I've still kept thinking about it. As the human attackers are required to evolve the attacking robots, blue team people are required to update the automated defenses.

Phishing 67

Phishing 67

Troy Hunt

OCTOBER 28, 2020

Before you start watching the video I've embedded below, let me set some context: this talk is by Emily Schechter who works on the Google Chrome team. Or saying something like we should just have a "funded multi-disciplinary team" and that'll solve the probl. ah: "What can we build to achieve that?" Is it a button?

Phishing 362

Phishing Password Management Passwords Internet 362

eSecurity Planet

DECEMBER 17, 2021

Following the checklist will help focus your team on the ways in which the security of your company’s SIEM implementation could be undermined. You should make sure to discuss this topic with your SIEM provider during installation, so you know what to check later. See our picks for the Best SIEM Solutions. Vulnerabilities.

Software 116

Software Artificial Intelligence DNS Accountability 116

IT Security Guru

MARCH 25, 2021

In “red orange,” it’s an orange colour with red; “#6699cc” is a grey with blue added. I won’t review those here because they are covered well in this article: [link] But I will say that this topic brings to mind the Stephen Covey quote, “Seek first to understand, then to be understood.”. It’s the same idea when talking about culture.

Technology 101

Technology 101

NopSec

AUGUST 5, 2013

The most surprising take-away for me was the prevalent topic of active defense and offensive security. I had a number of conversations with individuals who talked about cyber defense exercises and described their preference for “red team”. The attacking team is called the red team and the defending team is called the blue team.

Social Engineering 40

Social Engineering Engineering Marketing Media 40

ForAllSecure

FEBRUARY 23, 2021

In other words, do you want the pentester to have some knowledge of your network, in which case you’d hire an internal team to test very specific aspects of your organization. see bring them up to the level if you're doing white box testing or larger companies can have their own internal red teams.

Penetration Testing 52

Penetration Testing InfoSec Cyber Attacks Education 52

ForAllSecure

FEBRUARY 23, 2021

In other words, do you want the pentester to have some knowledge of your network, in which case you’d hire an internal team to test very specific aspects of your organization. see bring them up to the level if you're doing white box testing or larger companies can have their own internal red teams.

Penetration Testing 52

Penetration Testing InfoSec Cyber Attacks Education 52

CyberSecurity Insiders

JUNE 11, 2021

A rigorous peer review process led to 21 awards for research proposals to improve resilience, sustainability, and efficiency through such measures as carbon sequestration, carbon markets, hydrocarbon production, distributed renewables, and cybersecurity, among other topics. The Institute awarded a total of $4.4

Digital transformation 52

Digital transformation Energy and Utilities Computers and Electronics Artificial Intelligence 52

CyberSecurity Insiders

MARCH 29, 2023

” This quote by Dr. Chase Cunningham from his book, “Cyber Warfare – Truth, Tactics, and Strategies,” seems a fitting way to begin the topic of cybersecurity battlegrounds. This requires a team of individuals who work well together and are independently passionate about defending data.

Architecture 109

Architecture Cyber threats Phishing Cybercrime 109

IT Security Guru

DECEMBER 20, 2023

Whether they use the latest advancements in Generative AI or go back to their historic roots with Nigerian princes emailing out of the blue with an offer you can’t refuse, people will know to think hard before they click.

Cybersecurity 132

Cybersecurity Phishing Scams Cloud Migration 132

ForAllSecure

SEPTEMBER 21, 2021

It's an important topic, with real human consequences. I'm a principal on the security team at Cybereason, and I'm also a digital forensics instructor at the SANS Institute, Grooten: Martijn Grooten. The plot must revolve around the misuse of your team's product. So I hope you'll stick around. Cherne: My name is Lodrina Cherne.

Technology 52

Technology Software Surveillance Media 52

The Falcon's View

AUGUST 29, 2017

I concluded that maybe this sub-field would be called something like "behavioral security" and started doing searches on the topic. Behavioral InfoSec Engineering programs and teams should be instantiated that are charged with these practice areas (definitely security awareness and various testing, measuring, and reporting practices).

Information Security 45

Information Security InfoSec Social Engineering Security Awareness 45

ForAllSecure

APRIL 22, 2021

It's a comprehensive book, and it's an important topic. So they're smaller teams, maybe not, you know, they didn't go through very complex engineering process to pick the technologies that they're using, and they go for, kind of like the easiest route or what libraries are available or what product is already kind of like working.

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

APRIL 22, 2021

It's a comprehensive book, and it's an important topic. So they're smaller teams, maybe not, you know, they didn't go through very complex engineering process to pick the technologies that they're using, and they go for, kind of like the easiest route or what libraries are available or what product is already kind of like working.

IoT 52

IoT Hacking Internet Internet 52

Security Affairs

JANUARY 15, 2020

This topic would rise a question: OilRig does not need advanced exploiting capabilities because it is such a simple way to get into a victim infrastructure ? The iper-connection between the analyzed groups (take a look to the following graph) could prove that those teams are really linked together. Threat Actor Comparison.

Computers and Electronics 88

Computers and Electronics Penetration Testing Malware Government 88

Security Boulevard

APRIL 5, 2022

That said, since I normally blog about information security related topics, I know I need to give a basic overview of what machine learning is and some of the essential concepts that are needed to understand the rest of the post. This is where SHAP joins the team. Machine Learning 101. So What Is Machine Learning?

Architecture 67

Architecture InfoSec Risk Technology 67

Pen Test Partners

OCTOBER 9, 2023

Manufacturer feeds for vulnerabilities should be sent to the development team so they can be made aware of any issues (if RSS is available this can be added into Teams directly), along with general awareness of current trends and techniques in microcontroller security. Back to Table of contents▲ 2.

IoT 52

IoT Firmware Mobile Manufacturing 52

SecureList

MARCH 7, 2024

Out-of-the-blue winnings and refunds Breaks and benefits, especially tax-related, are alluring. In the Russian-language segment of the web, voting for participants in online contests remained a popular topic. Cyberscammers jumped at the chance to exploit the topic. Cybercriminals took advantage of this in 2023.

Phishing 97

Phishing Scams Cryptocurrency Accountability 97

ForAllSecure

MAY 4, 2021

MITRE ATT&CK catalogs the known tactics, techniques, and procedures of past advanced persistent threats , providing a roadmap for any red or blue team. It's a framework, a tabletop adversary emulation, that provides the good guys on red teams and blue teams with some guidance to harden their defenses against future ATT&CKs.

Government 52

Government Marketing Malware Technology 52

ForAllSecure

MAY 4, 2021

MITRE ATT&CK catalogs the known tactics, techniques, and procedures of past advanced persistent threats , providing a roadmap for any red or blue team. It's a framework, a tabletop adversary emulation, that provides the good guys on red teams and blue teams with some guidance to harden their defenses against future ATT&CKs.

Government 52

Government Marketing Malware Technology 52