Cyber Security Awareness and Vulnerabilities Blog

RSS

Since Congress instituted the Federal Information Security Management Act (FISMA) of 2002 to address information security challenges facing government agencies, the National Institute of Standards and Technology (NIST) has regularly recommended new guidance to help give agencies a clearer deployment path to a…

Read More

Here we are in the middle of March, and it is hard to believe we are almost a quarter of a way through 2011. What is even more impressive is the rate at which the Exploit Writing Team, the CORE IMPACT Pro development…

Read More

The following post is excerpted from an article that I co-authored with Anup Ghosh, founder and chief scientist at Invincea, to introduce a recent issue of IEEE Security & Privacy that focused on Cloud Computing Security. In the article, we present the economic…

Read More

Now that I’m back from the whirlwind of customer meetings, partner discussions, and prospect demonstrations at RSA, I can finally comment on an interesting observation from our industry’s leading conference. Few would debate that cloud security was in the forefront of many…

Read More

A recently released module by the Exploit Writing Team here at Core generated a lot of emails to me from folks out there in Security Land asking for more information about the underlying vulnerability and how we were able to develop a Denial of Service module to trigger the vulnerability.

Read More

Patience is a virtue … and no one knows patience better than those who bought tickets and attended ShmooCon this year. Even with the addition of yet another Potter; getting through a snow-ridden storm on the way TO the con (or 2 storms…

Read More

The Elephant in the Cloud In my experience, I’ve seen organizational leaders approach cloud computing from three different angles best summarized by the following questions: A.  How can I help my customers take advantage of cloud computing? B.  How can I deliver a better product/service using…

Read More

It’s no secret that cyberspace is growing more hostile, with increased criminal activity and regime-driven intelligence activity.  When the CSIS Commission first published its Report on Cybersecurity for the 44th Presidency two years ago, cybersecurity didn’t appear to be a priority for many…

Read More

I wouldn’t describe myself as a hoarder, but I am generally quite reluctant to throw things away. That old floppy disk on my shelf is a nostalgic reminder of how long it would take to install Windows NT 3.1 in my first proper…

Read More

Here we are on the cusp of another ShmooCon, and I’m really excited to get down to DC. Since I can’t stop thinking about it, I figured I’d write about it – and give you a sneak peek at some cool things my…

Read More