infosecreviews

Book Reviews: Information Security Books and Product Reviews – Securing the Clicks

Book Title: Securing the Clicks Subtitle: Network Security in an Age of Social Media Author(s): Gary Bahadure, Jason Inasi and Alex de Carvalho Publisher: McGraw Hill Date of Publishing: 1st Dec 2011 ISBN(13): 9780071769051 Price (UK&US price – full price, not discounted price): £29.99,  $40.00 URL of Amazon UK web page: Securing the Clicks Network …

Book Reviews: Information Security Books and Product Reviews – Securing the Clicks Read More »

Book Reviews: Information Security Books and Product Reviews – Computer Security Handbook, 5th Edition

Book Title: Computer Security Handbook, 5th Edition Author(s): Seymour Bosworth, M.E. Kabay, Eric Whyne Publisher: Wiley Date of Publishing: 10th March 2009 ISBN(13): 9780471716525 Price (UK&US price – full price, not discounted price): £150, $220.95 URL of Amazon UK web page:  Computer Security Handbook URL of Amazon UK (Kindle) web page: Not available. URL of …

Book Reviews: Information Security Books and Product Reviews – Computer Security Handbook, 5th Edition Read More »

Protecting the Fish Pond: Lessons in Information Security from the Back Yard | InfoSec Perception

Former student, good friend and brilliant colleague Jan Buitron, MSIA, CISSP, MCSE tells us a whimsical tale with lessons for us in the security field. Everything that follows is Jan’s work with minor edits by Mich. It was a big project for a homeowner. My friend set out to design, dig and decorate a fish …

Protecting the Fish Pond: Lessons in Information Security from the Back Yard | InfoSec Perception Read More »

Fighting Advanced Persistent Threat: Detection & Remediation | InfoSec Perception

Francis Cianfrocca, a leading expert on Advanced Persistent Threats, continues his overview of the issues following his first article on the topic in the InfoSec Perception blog. What follows is Mr Cianfrocca’s work with minor edits from M. E. Kabay. Advanced persistent threats (APTs) attack with privilege escalation and operate through application accesses that, to …

Fighting Advanced Persistent Threat: Detection & Remediation | InfoSec Perception Read More »

Vulnerability Management is Essential for Effective Security | InfoSec Perception

Vulnerability management is the embodiment of continuous process improvement in system security. In a recent discussion in the Norwich University IS342 (Management of Information Assurance) course in the Bachelor of Science in Computer Security and Information Assurance, the class reviewed Rebecca Gurley Bace’s chapter 46, “Vulnerability Assessment” from the Computer Security Handbook, 5th Edition. Bace …

Vulnerability Management is Essential for Effective Security | InfoSec Perception Read More »

Prototyping in Real Life | InfoSec Perception

In business continuity planning (BCP) and disaster recovery planning (DRP), its commonplace to urge planners to create initial plans and then test them for ways to improve. This approach is parallel to the current standards of software development and risk management. In the 1960s and 1970s, the standard software development methodology was the system development …

Prototyping in Real Life | InfoSec Perception Read More »