Archive for 'Technical Security Standards' Category
The AIO’s Impact on Technology Planning Movie
Dan is joined by a Panel to discuss the FFIEC’s New AIO Guidance and how it may impact Technology Planning in the future.
Zeroing in on VPN Security
Has the security effectiveness of VPNs passed? Another Technical Article by Tanvee Dhir! Why under scrutiny? VPNs (Virtual Private Networks) have been a cardinal piece for secure internet browsing for decades. They offer a secure and encrypted tunnel to transfer your data over the network whether in a home or an enterprise environment. Different vendors […]
AIO Walk Around Movie
An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet
Our Lead Non-Technical Auditor takes a look at the new AIO Guidance… Architecture, Infrastructure, and Operations (AIO) is the latest booklet released by the Federal Financial Institutions Examination Council (FFIEC) in their line of IT Examination Handbooks. It is an update to their 2004 Operations booklet and, as the name implies, expands into the areas […]
Autopsy of the SolarWinds Hack Update
A Timeline Update as of 02/22/21 An update to our Newest Employee’s FIRST Technical Article Another interim post-mortem review . . . . A Note About Updates: We have decided to leave the original article as it was originally posted and to update this post with any changes that have been made. You can see […]
Autopsy of the SolarWinds Hack
A Timeline as of 01/24/2021 Our Newest Employee’s FIRST Technical Article Another interim post-mortem review . . . . A Note About Updates: We are leaving this article as is, but for any updates to the timeline, check the Autopsy of the SolarWinds Hack Timeline Update article! – Vigilize Introduction: As the managing […]
Vulnerability Management for Directors Webinar Movie
A Webinar-Movie Short Back by popular demand! Our Board Awareness Training program continues with this movie, entitled Vulnerability Management for Directors, that can be presented directly to your board of directors.
Microsoft Discontinues Support For SHA-1
Known to be vulnerable since 2005, the algorithm will be phased out over the next several months… An article review. Things can move slowly in the world of cryptography, and for evidence of that one needs to look no further than SHA-1–the hash algorithm introduced in 1995, found to be vulnerable to attack in 2005 […]
Object Access Limitations
Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]
The Difference Between Patch and Vulnerability Management
The first in our guest author series, this article by Eric Kroeger and Jason Mikolanis explains the difference between patch and vulnerability management.