This post is a summary of the guidance provided in version 3 of the Cloud Security Alliance document Security Guidance for Critical Areas of Focus in Cloud Computing v3.0. The CSA guidance remains one of the best around providing actionable security guidance for businesses adopting a multi-tenant cloud service environment. Overall document summary: The Cloud Security guidance […]
Continue Reading
This is a compilation of some excellent open source security projects. I will continue to update this page. Insert in comments below if you have any good reference projects or open source security tools. I am excluding the obvious ones like Metasploit and Bro for example, in this list. Platform / Host Security OSQuery from Facebook […]
Continue Reading
Very excited to announce my selection and participation in Black Hat USA 2015 being held in Las Vegas this year. My talk is titled ‘Securing Your Big Data Environment’. Come join me in the South Seas CDF room in Mandalay Bay between 16:20 – 17:10 hours. Link to Black Hat: https://www.blackhat.com/us-15/briefings.html#securing-your-big-data-environment Summary of the talk: Hadoop and […]
Continue ReadingI am definitely excited to talk about Bigdata and its security for the enterprise at the upcoming Stratra Conference. See you folks there.
Continue ReadingUnlike loss of a physical device, if an attacker breaks into your corporate network, you still have your data after they steal it. It is more important that ever to detect if your company has been broken into by a hacker. This article identifies a number of indicators of compromise activity on a corporate network. […]
Continue Reading