Practical Steps Toward Compliance With OpenSCAP
In this blog I described some of the logical problems with vulnerability scanners. False positive and false negative errors. Additionally, the worry that problems exist but our tool hasn’t even tried looking for them. Let’s try to make this practical! I’m working on a consulting job as a sub-sub-contractor on a U.S. Department of Defense […]
Vulnerability Scanners: How Helpful Are They?
Many of you must follow formal cybersecurity requirements. PCI DSS, if you accept credit or debit cards. HIPAA, if you store or process health care data. Then, if you’re with the Department of Defense or other U.S. Government agencies, there are more detailed configuration requirements. In theory, you could just read the requirements and then […]
The CCSP Cloud Security Certification is Hot, How Can I Prepare?
The (ISC)2 CCSP is hot. That’s the Certified Cloud Security Professional. It’s from the same group that offers the famous CISSP. At the end of 2018 there were 131,180 people with CISSP world-wide, and 84,557 in the U.S.A. But, only 4,518 people world-wide held CCSP. Do you want to be one of the new ones? Not What […]
What’s New in Red Hat Enterprise Linux 8?
RHEL 8 is on the way! I have experimented with RHEL 8, both the beta release that came out last November and the final release this June. Here’s my brief “test drive” report. For far more detail, I have a series of pages describing the upgrade path from RHEL 5 through 8. RHEL 8 was […]
Which Linux Training is Best for Programmers and Server Administrators?
In this blog I started explaining Learning Tree’s array of Linux training courses. I divided them into courses that prepare you for certification exams, versus those that teach you to use and manage the Linux environment. I explained the CompTIA, Microsoft, and Red Hat certification test-prep courses. Now let’s look at the courses that teach […]