HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 49 guests and 1 member online
 
Advertisement

You are here:
EH-Net
May 22, 2013, 10:09:31 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
EH-Net > Columns > Andress (Moderator: don) > Column Topics
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Column Topics  (Read 2595 times)
0 Members and 1 Guest are viewing this topic.
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« on: September 05, 2012, 09:26:32 AM »
I'm putting together a list of column topics for next year. Keeping in mind that I'm staying roughly in the area of general information security, what would you all be interested in reading about?
Logged
tturner
Sr. Member
****
Offline Offline

Posts: 432


View Profile WWW
« Reply #1 on: September 05, 2012, 12:52:02 PM »
Hacking web services and/or mobile apps. Smiley

Oh you said general information security... How about - metrics that don't suck?
Logged
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP

WIP: OSWP, GSSP-JAVA, GXPN

Udacity on hold, again. I suck.

http://sentinel24.com/blog  @tonylturner http://bsidesorlando.org
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #2 on: September 05, 2012, 02:03:40 PM »
Metrics to measure anything in particular?
Logged
m0wgli
Full Member
***
Offline Offline

Posts: 248


View Profile
« Reply #3 on: September 05, 2012, 02:47:29 PM »
Trying to keep within the remit of general information security. I'd be interested in reading about how to respond to incidents and what can subsequently be learnt from them, and, how to deal with insider threats.
Logged
Security + | OSWP | eCPPT | CSTA
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #4 on: September 05, 2012, 02:54:52 PM »
Ok, so far we have:

Metrics
Incident response
Insider threats

What else?
Logged
tturner
Sr. Member
****
Offline Offline

Posts: 432


View Profile WWW
« Reply #5 on: September 05, 2012, 03:12:03 PM »
Metrics to measure the effectiveness of security program. For instance I find the number of spams blocked to be a poor metric that's more about big numbers in a chart than any meaningful representation of how the organization is reducing risk or saving money. Good metrics are things like measuring number of incidents detected internally vs by customers, attack vectors, time to respond to incident, time to close out incident, lag time for remediating vulnerabilities, etc.
Logged
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP

WIP: OSWP, GSSP-JAVA, GXPN

Udacity on hold, again. I suck.

http://sentinel24.com/blog  @tonylturner http://bsidesorlando.org
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #6 on: September 05, 2012, 03:50:13 PM »
Roger that. On the list.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.061 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.