a blog about how to better improve Enterprise Security via Best practice in Policy / Compliance / Control
Tuesday, November 29, 2011
Homealone - interesting tool to verify you are the sole tenant in a VM setup
found this article about a homealone package developed by RSA: http://www.technologyreview.com/tr35/profile.aspx?TRID=1083
Tuesday, September 27, 2011
i-class compromise and HID's solution
about 2 months or so ago, some one figure out how to hack iclass key because the world dare sign by 2 cert... well i-class elite program are FREE, you just have to wait 2 extra week for them :) and you will have your own cert.
http://www.hidglobal.com/main/services/documents/iclass-elite-faq-en.pdf
http://www.hidglobal.com/main/services/documents/iclass-elite-faq-en.pdf
Reasonable DVR with cluster capablity
this video system have alarm trigger (send and receive)... along with motion trigger recording (along with ability to cache x second before the event), along with backup drive, and smtp out. 8 camera with the capablity to cluster with other device around the world to see it in one app.. with different class / group / roles, all for $899.
http://www.samsungsv.com/Model/Detail/12/Samsung-SDE-4002N-8-Channel-DVR-Security-System
http://www.samsungsv.com/Model/Detail/12/Samsung-SDE-4002N-8-Channel-DVR-Security-System
Friday, April 22, 2011
Cloud Security Virtual conference on 4/28/2011
ISACA is offering Cloud Service Security conference.... Register Now and get 5 CPE credit.
Thursday, April 21, 2011
Security for the SmartPhones
Iphone / Ipad's IOS 4.0 with 4.0 file system is the base line to offer encrypted end point at least for the email system:
http://anthonyvance.com/blog/forensics/ios4_data_protection/
and for Android 3.0 HoneyComb, file level encryption and some sort of remote device management will be roll out via google app:
http://androidcommunity.com/android-courts-enterprise-with-remote-tracking-encryption-more-20110408/
http://anthonyvance.com/blog/forensics/ios4_data_protection/
and for Android 3.0 HoneyComb, file level encryption and some sort of remote device management will be roll out via google app:
http://androidcommunity.com/android-courts-enterprise-with-remote-tracking-encryption-more-20110408/
Tuesday, April 5, 2011
Monday, March 21, 2011
RSA Break in
http://online.wsj.com/article/SB10001424052748703512404576208983743029392.html
have you dial up your pin and change your policy?
or assign new set of rsa hard / soft token?
have you dial up your pin and change your policy?
or assign new set of rsa hard / soft token?
Wednesday, March 2, 2011
DHS funded Cyber Security Training Course - 5 days - April 25-29, 2011 FREE
http://www.cyberterrorismcenter.org/sanfrancisco2.html
i just sign up for the CFR course in April. if you already done CISSP, i would recommend the First Responder (CFR) course, and if you want to study for CISSP take the CCD source. i sign up for CCD 2 years ago and found the material is a complete repeat of CISSP 10 domains and left. the CFR course on the other hand is hands on lab to demonstrate actual attack and defense.
and of course this will be actual training credit count toward your CISSP training credit.. almost a whole year worth :)
Subscribe to:
Posts (Atom)