Lenny Zeltser not only created some great security cheatsheets, he compiled a list of some good reference guides developed by others.
Why should you trust his FREE cheatsheets? Lenny leads a security consulting practice, teaches malware analysis, explores security topics at conferences and in articles, and volunteers as an incident handler at the Internet Storm Center.
So whether you want to learn more about specific security practices or just have a quick reference, you’ll want these cheatsheets.
Continue reading →
Like this:
Like Loading...
Filed under Audit, Free, How to..., Security
Tagged as cheatsheet, checklist, command line, DDOS, developers, Ed Skoudis, google hacking, history of technology, incident response, jeremy stretch, lenny zeltser, log review, malware, netcat, owasp, reverse-engineering, sans, Security, sql injection, tcpdump
Lenny Zeltser suggest 5 steps that mid-market organizations can take down the security path:
- Identify key data flows
- Understand user interactions
- Examine the network perimeter
- Assess the servers and workstations
- Look at the applications
Continue reading →
Like this:
Like Loading...
Filed under Security
Tagged as application, Audit, baby steps, check the box, checklist, classify, configuration, crash, customer information, data flow, database, famous recipe, hack, home computer, insider, internet facing, lenny zeltser, mitigation, outsider, patch, perimeter, plan, risk, Security, server, sox, Technology, time card, USB drive, users, vendor, workstation
Is PCI still relevant? Some are proclaiming that PCI is irrelevant due to the recent, high-profile breaches. David Mortman disagrees, and I’m on his side.
Continue reading →
Like this:
Like Loading...
Filed under Audit, Security
Tagged as auditor, baseline, breach, checklist, compliance, counselor, data leak protection, david mortman, dlp, fraud, internal auditor, pci dss, risk management 101, Security, sox, tight security, traffic analysis, whistleblowing
ITauditSecurity 