ISACARuSec – Telegram
ISACARuSec
@IsacaRuSec
2.27K subscribers
1.77K photos
13 videos
303 files
5.64K links
Канал направления ИБ Московского отделения ISACA

Направление канала новости ISACA, новости в области управления ИБ в России и мире, обмен лучшими практиками.

https://engage.isaca.org/moscow/home

Связь с администрацией
@popepiusXIII
Download Telegram
About
Blog
Apps
Platform
Join
ISACARuSec
2.27K subscribers
ISACARuSec
https://www.sans.org/blueprint-podcast серия подкастов от SANS с перспективой от blue team (защита). Последний про управление уязвисостями.
271 viewsedited  
ISACARuSec
https://pages.awscloud.com/awsmp-h2-sec-devsecops-pipeline-automation.html
Awscloud
How to fuel your DevSecOps in AWS
In this webinar, SANS and AWS Marketplace will discuss how to build a strategy that encompasses visibility and automation for the DevSecOps pipeline in AWS. They will cover cloud-native controls and automation tactics that can enhance security of incoming…
258 views
ISACARuSec
https://medium.com/anton-on-security/not-the-final-answer-on-ndr-in-the-cloud-b804321ef376
Medium
Not the Final Answer on NDR in the Cloud …
Back in my analyst years, I rather liked the concept of NDR or Network Detection and Response. And, despite having invented the acronym EDR, I was raised on with NSM and tcpdump way before that…
276 views
ISACARuSec
https://www.cisecurity.org/blog/cis-benchmarks-may-2021-update/
CIS
Blog | CIS Benchmarks Update May 2021
New CIS Benchmarks released May 2021. These CIS Benchmark releases would not have been possible without the time and support of community contributors.
305 views
ISACARuSec
https://www.helpnetsecurity.com/2021/05/03/pci-secure-software-standard-1-1/
Help Net Security
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
The PCI Security Standards Council (PCI SSC) has published the PCI Secure Software Standard 1.1 and its supporting program documentation.
380 views
ISACARuSec
С праздником Великой Победы!
273 views
ISACARuSec
https://www.sans.org/webcasts/setting-gold-standard-ci-pipelines-create-validated-os-images-119495
www.sans.org
Setting the Gold Standard - Using CI pipelines to create validated OS images - SANS Institute
As cloud, security, and operations teams move to DevOps workflows building and securing operating systems efficiently changes drastically. Join SEC540 co-author Ben Allen to learn how to customize vendor-provided operating system images to improve the security…
297 views
ISACARuSec
https://www.helpnetsecurity.com/2021/05/05/insider-risk-management/
Help Net Security
Pandemic accelerating need for insider risk management
Insider risk management is of greater concern now for 74% of companies than it was before the pandemic, according to Forrester Consulting.
283 views
ISACARuSec
Forrester_Research_Insider_Risk_Management_is_Critical_to_Protecting.pdf
2.3 MB
390 views
ISACARuSec
https://www.microsoft.com/security/blog/2021/05/03/ai-security-risk-assessment-using-counterfit/
Microsoft Security Blog
AI security risk assessment using Counterfit | Microsoft Security Blog
Counterfit is a command-line tool for security professionals to red team AI systems and systematically scans for vulnerabilities as part of AI risk assessment.
273 views
ISACARuSec
https://twitter.com/alukatsky/status/1391404607117606915
Twitter
Alexey Lukatsky
Я не знаю, чем журналы по ИБ для женщин отличаются от таких же для мужчин. Но факт есть факт. Недавно запустили специальный журнал для ибешниц - womeninsecuritymagazine.com/subscribe/
271 viewsedited  
ISACARuSec
Для тех кто любит ИБ новости в аудио-формате, пока стоишь в пробке, или видеть того кто рассказывает новости рекомендуем еженедельный дайджест - выпуск новостей с основными значимыми новостями в мире информационной безопасности https://youtu.be/uT9XYwLD2m4
YouTube
CISO news 1: снова мобильные уязвимости, соцсети vs. Apple, безопасность цепочки поставок
311 viewsedited  
ISACARuSec
Вам были бы интересны новости в канале про критические уязвимости в широкораспространненых продуктах (например Exim, iOS, Exchange) и больше технических гайдов (например по настройке конкретных средств).
Anonymous Poll
63%
1. Да.
24%
2. Нет.
14%
3. Все равно.
59 voters247 views
ISACARuSec
ISACA’s Medical Device Discovery Appraisal Program (MDDAP) helps device manufacturers go beyond compliance and toward continuous improvement. See the benefits of participation at the FDA/Xavier MedCon Conference

https://www.isaca.org/enterprise/medical-device-discovery-appraisal-program
ISACA
Medical Device Discovery Appraisal Program (MDDAP) | ISACA
The Medical Device Discovery Appraisal Program (MDDAP) helps medical device manufacturers better understand, measure, and improve their capabilities.
232 viewsedited  
ISACARuSec
http://rusrim.blogspot.com/2021/05/blog-post_148.html
Blogspot
Китай: Для публичного обсуждения опубликована вторая редакция проекта национального закона о защите персональных данных
Данная статья, подготовленная специалистами юридической фирмы Hunton Andrews Kurth LLP, была опубликована 4 мая 2021 года в издании «Национа...
236 views
ISACARuSec
https://twitter.com/cyb3rops/status/1391696882116743172
Twitter
Florian Roth
Incident response playbooks for Microsoft O365docs.microsoft.com/en-us/security…
259 viewsedited  
ISACARuSec
https://www.zdnet.com/article/colonial-pipeline-ransomware-attack-everything-you-need-to-know/
ZDNET
Colonial Pipeline attack: Everything you need to know
Updated: DarkSide has claimed responsibility for the catastrophic ransomware outbreak.
248 views
ISACARuSec
https://www.cyberlands.io/apisecurityresourcecenter
www.cyberlands.io
API Security Resource Center - 15 guides and comparisons enabling API security program
API Security Resource Center - 15 API Security guides and comparisons for security officers, architects, penetration testers, API developers and start-up founders
270 views
ISACARuSec
https://csrc.nist.gov/projects/crypto-publication-review-project
CSRC | NIST
Crypto Publication Review Project | CSRC | CSRC
This project summarizes NIST’s current and planned activities for reviewing its cryptography standards and other publications. The Crypto Publication Review Board (“the Board”) within the Computer Security Division identifies a publication for review based…
251 views
ISACARuSec
https://www.zdnet.com/article/axa-pledges-to-stop-reimbursing-ransom-payments-for-french-ransomware-victims/
ZDNet
AXA pledges to stop reimbursing ransom payments for French ransomware victims
One of Europe’s biggest insurers is now suspending policies in France that reimburse victims for ransomware payments.
236 views
ISACARuSec
Smart cities are a tempting target for cyberattacks, so it's time to secure them now | ZDNet

To help guide local authorities and protect infrastructure, organisations and people from the threat of cyberattacks that could target smart cities, the NCSC has published a series of principles that should be adhered to in order to provide these networks with the highest possible level of cybersecurity.


https://www.zdnet.com/article/smart-cities-are-a-tempting-target-for-cyberattacks-so-its-time-to-secure-them-now/
ZDNET
Smart cities are a tempting target for cyberattacks, so it's time to secure them now
National Cyber Security Centre guidance asks local authories to think about cybersecurity sooner rather than later to stop essential services being disrupted by malicious hackers.
225 viewsedited