What Is Post-Quantum Cryptography And What Does It Mean For Us?
A recent NSA update addressed the Suite B cryptographic algorithms approved by NSA for protecting U.S. Government data. If you skip ahead to its table of recommendations you will see that some old friends have disappeared — AES with a 128-bit key and SHA-256 have been quietly dropped. The more startling part is in the […]
Leo Tolstoy, Anna Karenina, and Cloud Security (Yes, there is a connection!)
To only slightly paraphrase the original: Stable clouds are all alike, every unstable cloud is unstable in its own way. Information assurance considers three major aspects of information security: Confidentiality, Integrity, and Availability. Availability is about keeping the information around. The concept is pretty simple. But you can always dig a little deeper into the […]
Circles are Bad. OVAL is Good.
In information assurance, it is critical to have the best reporting about your vulnerabilities. Vulnerabilities, as you may recall from an earlier blog, are software flaws that may leave a system open to exploitation. There are tools that help identify and assess vulnerabilities. They are called vulnerability scanners, or VA tools. These are tools designed […]