Learning Tree International Blog

The US National Institutes of Standards and Technology recently asked for comments on a new framework for secure software development. Called Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) this framework seeks to aid developers by providing a somewhat universal framework for secure software development. What this framework doesn’t […]

What is Thinking in the Security Context? One of the biggest challenges organizations face as they strive to safeguard sensitive information is habituating employees to “thinking in the security context.” This mindset requires workers to be perpetually cognizant that every task they perform, from Internet downloads to paper recycling, has the potential to create corporate […]

Before I begin the main part of this post, I’d like you to do an exercise for me: pause and close your eyes but do not think of green monkeys! Concentrate on anything else, but do not think of green monkeys, alright? Good. One important aspect of developing security policies and security training is shaping […]

Playing online games does not really sound like much of a security risk. Whether it is a first-person shooter game, a game where one hunts mythical creatures, an MMORPG, or some sort of simulation, the security concerns often appear minimal. There are two major problems with that idea. The first big issue is that gamers […]

PowerShell Desired State Configuration (DSC) has been around the Microsoft Windows world since 2013, but it’s just beginning to take off. There are certain setting changes, such as adding and removing Windows Server roles and features, that cannot be accomplished easily, or at all, with Active Directory Group Policy Objects (GPOs).  Centrally managed GPOs are […]