Pentesting every 3 months for entities with more than 20k transactions annually for less than 20k transactions. Why do you need to pentest? Because things happen, and it is good to review your security profile… Have some Philotimo – setup PCI compliance
Risk analysis and patch management is important. We discuss that on this day, since there were 2 Adobe vulnerabilities that we discuss on our blog: http://oversitesentry.com/patches-i-dont-need-those-stinkin-patches/ Patch Management is when you decide with risk based… Patch Management is important
This morning (1/21/15) attended ISACA (previously the Information Systems Audit and Control Association) meeting: http://www.isaca.org/chapters5/Saint-Louis/Pages/default.aspx The past present and future of Web Application Security by Christopher Boyd Good quote sometimes I talk to the… Excellent ISACA event on Web Application Security
We are explaining a little more about pentesting and the service that we have (Sigma Scan) in tip of day. In News of day we discuss #OpFrance where the political hackers are trying to attack… Security videoshow about #OpFrance and Sigma Scan
Our video of the fixvirus security show: news of day: Cybersecurity has priority in State of the Union (Why ? due to Sony Hack) as in our blog post: http://oversitesentry.com/?p=1291 tip of day : run… State of the Union: Cybersecurity has priority.
To be PCI compliant means there is a Security policy in place. We can help with a security policy or with the documentation for PCI compliance – There are a lot of items to check… PCI compliance = Security Policy
New Fixvirus Security Show Jan9 on vulnerability Assessment in Tip of day as well as News of Day CES show quotes … Some of the quotes I already researched on my Blog: Oversitesentry.com: http://oversitesentry.com/can-we-stop-cybersecurity-breaches/ News of… CES show:Security by Design – Vulnerability Assessment
“Do the right thing” = Philotimo PCI compliance best practices(from page 13 PCI DSS 3.0 doc): Monitoring of security controls—such as firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), file-integrity monitoring (FIM), anti-virus, access controls, etc.—to ensure they… Philotimo(“do the right thing”) your Network
On News of Day I discuss http://www.darkreading.com/operations/5-pitfalls-to-avoid-when-running-your-soc-/a/d-id/1318218 Specifically: “Our goal is to protect our critical assets, quickly know when they have been compromised and respond with immediate action to contain and eradicate the threat. If anyone… Fixvirus Security Show Jan2
2014 reviews: http://oversitesentry.com/?p=1196 the post I discussed in the video… Get ready for 2015. Not if you get hacked but “when” so get ready for more attacks. Get your incident response ready – When you get hacked… Fixvirus Security Show – review 2014/ preview 2015