This post is a summary of the guidance provided in version 3 of the Cloud Security Alliance document Security Guidance for Critical Areas of Focus in Cloud Computing v3.0. The CSA guidance remains one of the best around providing actionable security guidance for businesses adopting a multi-tenant cloud service environment. Overall document summary: The Cloud Security guidance […]
Continue ReadingGood List of Open Source Security Projects
This is a compilation of some excellent open source security projects. I will continue to update this page. Insert in comments below if you have any good reference projects or open source security tools. I am excluding the obvious ones like Metasploit and Bro for example, in this list. Platform / Host Security OSQuery from Facebook […]
Continue ReadingSpeaking at Black Hat USA 2015
Very excited to announce my selection and participation in Black Hat USA 2015 being held in Las Vegas this year. My talk is titled ‘Securing Your Big Data Environment’. Come join me in the South Seas CDF room in Mandalay Bay between 16:20 – 17:10 hours. Link to Black Hat: https://www.blackhat.com/us-15/briefings.html#securing-your-big-data-environment Summary of the talk: Hadoop and […]
Continue ReadingSpeaking at Strata Hadoop World Conference
I am definitely excited to talk about Bigdata and its security for the enterprise at the upcoming Stratra Conference. See you folks there.
Continue ReadingIndicators of Compromise List and Recommended Security Measures
Unlike loss of a physical device, if an attacker breaks into your corporate network, you still have your data after they steal it. It is more important that ever to detect if your company has been broken into by a hacker. This article identifies a number of indicators of compromise activity on a corporate network. […]
Continue Reading