ISO - Words to the wise on conformity assessment
https://www.iso.org/news/ref2519.html
Demonstrating that your product, service or system meets the requirements of a standard results in increased confidence from stakeholders while helping to ensure regulatory compliance. The International Standard for terms and definitions in the field of conformity…
De-mystifying Secure Software Development Webinar | NCCoE
https://www.nccoe.nist.gov/events/de-mystifying-secure-software-development-webinar
Background
Forwarded from Пост Лукацкого
A fresh Exabeam report on SOCs - https://t.co/1aWXBzZoS0 Much of it echoes the Russian study on SOCs published by @BISJournal - https://t.co/wf3O9vh8RU pic.twitter.com/rvgqKH4UVe
— Alexey Lukatsky (@alukatsky) June 17, 2020
TLS Server Certificate Management | NCCoE
https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management
Forwarded from dukeBarman
In addition, https://open-security-summit.org/ is currently under way. The first day has just ended: https://www.youtube.com/watch?v=2B1U1GR-jzU This track is devoted to "Threatmodel Tool Demos".
Open Security Summits in 2024
The Open Security Summit is focused on the collaboration between Developers and Application Security. Using the same model as the previous OWASP Summits, this 5-day event will be a high-energy experience, during which attendees get the chance to work and…
Using the FedRAMP OSCAL Resources and Templates | FedRAMP.gov
https://fedramp.gov/using-the-fedramp-oscal-resources-and-templates/
The FedRAMP PMO, in collaboration with NIST, is working to digitize the authorization package through the development of a common machine-readable language, ...
A new stage of IDS/IPS evolution, through NTA to NDR.
https://www.gartner.com/doc/reprints?id=1-1Z8C9OAX&ct=200612&st=sb
A nice teaching story about the importance of IAM/PAM and MFA, with references to several guides.
https://twitter.com/gvnshtn/status/1274737971107901441?s=09
Twitter
gvnshtn
Maersk, me & notPetya https://t.co/keitEjG38N Hope this helps ❤ #CyberAttack #CyberSecurity #PAM #AzureAD #ActiveDirectory #Baseline #MFA #Maersk #notPetya
InfoSec World 2020: Companies deficient in security compliance, training
https://www.scmagazine.com/infosec-world-2020/risk-assessments-reveal-businesses-remain-deficient-in-security-compliance-training/
SC Media
Of 100+ businesses that conducted a risk self-assessment, over 65% admitted to reaching zero-to-minimal compliance of state privacy/security regulations.
A good manual, updated every (!) month.
Australian Government Information Security Manual (ISM) | Cyber.gov.au
https://www.cyber.gov.au/acsc/view-all-content/ism
Information security manual | Cyber.gov.au
The Information security manual (ISM) is a cybersecurity framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems, applications and data from cyberthreats.
It looks like official hardware bugs and backdoors are going from mythical to lawful; this must be considered during risk assessments.
https://www.theregister.com/2020/06/24/us_encryption_backdoor/
The Register
After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors
Lawmakers will attempt to bend the laws of mathematics to their will