Filtering Exploitable Ports and Minimizing Risk from the Internet and from Your Customers

What are you doing to prepare for the next “scanning malware” and “Internet Worm?” Barry Greene @ bgreene@senki.org Version 1.2 TLP: WHITE  Recommendation: Operators (CSPs, ISPs, Cloud Companies, and Hosting Companies) are strongly encouraged to deploy Port Filtering on the known Exploitable ports and Source Address Validation (SAV) on their customer edge of the network Read More

Demand Security from your Vendors

Demande Security from your Vendors. Ask the right “Security Questions.” This provides a list of questions that anyone can use with their vendors to get a better understanding of their security capabilities. Start meaningful “Security Conversations.” Read More

Weekend Read – Lessons from Heartbleed

Every vulnerability is a security lesson that will either be repeated or used to improve the organization. Lessons from Heartbleed is no different.  IMHO “The Matter of Heartbleed” is a mandatory paper for all security professionals! It points out the dynamics of a critical Internet vulnerability and how organizations respond. As a minimum, read the Read More