Vulnerability Scanners: How Helpful Are They?
Many of you must follow formal cybersecurity requirements. PCI DSS, if you accept credit or debit cards. HIPAA, if you store or process health care data. Then, if you’re with the Department of Defense or other U.S. Government agencies, there are more detailed configuration requirements. In theory, you could just read the requirements and then […]
The Brave Web Browser: Faster and More Secure
It is a Brave new (browser) world out there. Almost since the start of the World Wide Web, users have had different preferences of how to access it. Some like Firefox, some Safari, some Chrome, some Opera, some Chrome, some… You get the picture. The “browser wars” ebb and flow in intensity. A relatively new […]
What is Credential Stuffing and Why Should I Care?
You should know by now that using common passwords is a bad idea. And you may have heard of recent password breaches and that you should change passwords on breached sites. But there is an additional threat: credential stuffing. Whenever there is a breach where usernames or email addresses are disclosed and can be matched […]
The CCSP Cloud Security Certification is Hot, How Can I Prepare?
The (ISC)2 CCSP is hot. That’s the Certified Cloud Security Professional. It’s from the same group that offers the famous CISSP. At the end of 2018 there were 131,180 people with CISSP world-wide, and 84,557 in the U.S.A. But, only 4,518 people world-wide held CCSP. Do you want to be one of the new ones? Not What […]
A Cyber Security Income Opportunity: Freelance Bug Finder
I recently wrote about the Cyber Security Staffing Shortage, and how it meant good things for those interested in careers in cyber security. Here is another – potentially quite lucrative – opportunity: bounty hunter. I’m not talking about the bounty hunters you see in movies or television shows, though. I’m talking about bug finders. You […]