Even with automation, security baselines like STIG or CIS remain a challenge to manage. But there is hope for baseline automation.
Ever ask a sysadmin what they find most tedious about their job? If they’re being honest, keeping up with security...Read More
Inherent Risk Tiering for Third-Party Vendor Assessments
Importance of Third-Party Risk Tiering It can be a challenging and overwhelming task to adequately manage the risk associated...Read More
A+: AMI’s, Automation & AWS
A few weeks ago, I attended AWS re:Invent 2016 with nine of my colleagues. If you have never been, re:Invent is...Read More
The AWS Shared Security Model – Part II: A Step Towards FedRAMP Compliance
Stop By Booth 118 @ AWS re:Invent and Speak to Our Team of Cybersecurity ExpertsRead More
Stop by Booth 118 @ AWS re:Invent to Learn How We Can Secure Your CloudRead More
The AWS Shared Responsibility Model: Part 1 – Security in the Cloud
Cloud Service Providers (CSP) offer a range of infrastructure, platforms, and software for customers to consume. Whether you are looking...Read More
Choosing a 3PAO: FedRAMP, Cybersecurity & Cloud Expertise are Vital
FedRAMP Compliance – Is it worth it?
If you are a company with a cloud service, there are likely quite a few questions you are asking yourself...Read More
Secure Configuration Management through Automation
Overview Automation is a beautiful thing. It can reduce the overall workload for performing a task by allowing us to...Read More
The other day I read this article over at TaoSecurity which was a follow-up to a post from a couple weeks...Read More
Tweet of the Year for 2011: What’s Wrong With Information Security
NEI Cyber Security Implementation Workshop
Greetings, and happy 2011. It has been entirely too long since we’ve posted an update. In spite of that, I...Read More
Current State of FISMA Part 3: What Is the Target?
So, I’ve rambled a bit in the past several weeks on the current state of FISMA. You’d think that somewhere...Read More
The Current State of FISMA Part 2: The Chasm Between Compliance and . . Everyone Else
This is really a direct continuation of the last post in this series . . the second half of...Read More