Archive for 'Technical Security Standards' Category

When You Accidentally Go Open Source

By Vigilize - Last updated: Monday, July 24, 2017

32 TB of Windows 10-related source code is now available, for better or for worse… An article review. Releasing the source code for a project has been a common practice among some developers for decades now–proponents say allowing any interested parties to view the code makes for safer systems, preventing sneaky back doors and unintentional […]


Ten Must-Reads For Information Security Awareness

By Vigilize - Last updated: Thursday, April 20, 2017

These titles should be on every professional’s list. An article review. If there’s one thing you can take away from the most recent installment of our annual T7 article, it’s that the threats we face when securing IT assets are a diverse and constantly evolving lot. That’s why staying current is one of the most […]


Digital Security Standard Compliance: Is It Enough?

By Jolley | Hadaway - Last updated: Friday, February 24, 2017

While the credit card industry-backed program has good aspects, it should not replace the SOC-2. With the number of different security standards–and ways to test those standards–out there, it can be difficult to stay on top of just what is required, compliance-wise, for a specific situation. Case in point, we recently had a client with […]


A Password Management Horror Story

By Vigilize - Last updated: Friday, February 24, 2017

Not having strong policies surrounding shared passwords could make your data a hostage. An article review. Do you know who is in control of the various account credentials used by your organization’s employees? One Indianapolis company is, but only after a fired employee held a vital password hostage for $200,000 according to an article in […]


In-Memory Malware Hitting Banks Across The Globe

By Vigilize - Last updated: Wednesday, February 22, 2017

Residing almost entirely in memory, these new attacks are much harder to combat. An article review. Our friend Wes Pollard at Home Bank turned us on to this story from Ars Technica about a rash of new malware attacks with a new twist: they reside almost entirely in a computer’s memory. Traditional attacks have installed […]


Alarming Recurring Finding

By Dan Hadaway - Last updated: Tuesday, March 8, 2016

“Mal-Configured Secure E-Mail . . .” A new risk arises as Secure Messaging Enters the Late-Majority Adoption Phase! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . So we’re auditing a bank and they send us files using their shiny new “Secure E-Mail System” and guess […]


Over Sensationalized Internet Security Marketing

By Vigilize - Last updated: Monday, April 27, 2015

An article review. Beware of buzzwords. Our friend and associate Joe Cychosz sent us this article a few days ago, and we thought it was worth sharing. This brief article highlights an alarming trend within the InfoSec world, where security vendors are hyping and spinning their offerings to the point of untruth! Now this may […]


Survey Finds Most Firms Would Take Hours to Detect Breach

By Vigilize - Last updated: Wednesday, April 1, 2015

An article review. You have to detect the breach first. Many companies have plans for when a breach occurs. After all, there is no such thing as 100% security. As Dan Hadaway will highlight in his upcoming “Turning Lemons into Lemonade with Incident Response” webinar on April 2nd, it’s only a matter of time before […]


Windows Susceptible to FREAK Attack After All

By Vigilize - Last updated: Sunday, March 22, 2015

An article review. Microsoft admits that Internet Explorer is vulnerable to HTTPS hack. Earlier this month, Microsoft announced that any Windows computer running any version of Internet Explorer is vulnerable to a FREAK attack. Now the FREAK vulnerability has been around for years; however, it was believed to only affect certain browsers and devices, like […]


Keep Your BYOD Policy Updated

By Vigilize - Last updated: Wednesday, March 18, 2015

An article review. New Device automates iOS PIN Hacking. Many companies have Bring Your Own Device policies in place, where employees are allowed to bring their own PCs or mobile devices into the workplace or have business utilities, like email, set up on their personal devices. They also usually have extensive policies allowing remote wiping, etc. […]