Tag: MFA
Before you can go beyond something, you have to get there first. The perimeter’s imminent demise has been forecast by any number of people and, to a certain extent, they have a point. Once you start placing lots of gates in your fence and move half your livestock outside of it, you start to wonder…
Read MoreSometimes we all feel like we’re losing the security game. But, just like when you’re losing the Craft of Minewar, you can use add-ons to energize your security game. Here are seven definitive things you can put into your security program to guarantee a winning score. 1. Filter inbound Internet app access. You are often…
Read MoreMy favorite color, by the way, is black. Or at least it will be until something darker comes along. While marginally better than asking for personal information that is just as easily discovered on the web —your mother’s maiden name, where you were born (my mother claims it was in a barn based on my…
Read MoreOn Dec 8, 2017, 4iQ reported the discovery of a database on the dark web containing 1.4 billion credentials—in clear text.1 The fine writers of the aforementioned article note that they’ve “tested a subset of these passwords and most of them have been verified to be true.” 1.4 billion. A standard calculator (like the one…
Read MoreIt’s inevitable. Every organization needs externally-developed applications to some degree or another. Increasingly, these apps are web-based and accessed over the Internet. As part of a forthcoming report on protecting applications, F5 commissioned a survey with Ponemon. In it, we asked security professionals what percentage of their applications (by category) were outsourced. The top answers…
Read MoreAny CISO who’s been around the block understands Erik’s words. So, let’s roll up our sleeves and get started by understanding the scope of the problem. Understand Needs The first step in any security project is to be sure you have a clear inventory of your asset and applications. Everything flows from them. For most,…
Read MoreAt F5, we dedicate a lot of time to identifying and validating vulnerabilities. We use a variety of vulnerability scanning tools at a regular, frequent tempo to give us an up-to-date picture of our risk footprint. On top of that, we pay attention to user reporting, information we get from various threat intelligence sources, and…
Read MoreThere's often a gap between what we say we need for an effective security posture, and what we actually do. Examining the gaps between "best practices" and reality helps us get to more tangible results. Source link lol
Read MoreIn this series, we examine how the reality of a security program differs from the perception some security practioners hold. To do this, we’re focusing on four specific gaps that can weaken security defenses and instigate security incidents. For example, consider the rising number of cloud breaches caused by engineers disabling basic access control, either…
Read MoreThere’s something undeniably compelling about a good myth. Maybe that’s because a dose of escapism does our brain good, and it’s fun to spend a few moments wondering about deadly alligators populating the New York City sewer system or Walt Disney’s cryogenically frozen head waiting to be brought back to life. But while those myths…
Read More