Like many information security practitioners, this week marks the return to the office and reflection after attending the annual RSA Conference in San Francisco. Every year there are interesting speakers,…
Metrics definitely seem to be a buzz word in information security circles these days. It seems that I can hardly give a presentation or meet with clients without the topic…
Recently a met with an organization who mentioned to us that they had identified executive engagement in information security (or lack thereof) the biggest risk to their organization. It’s not…
Part of any solid project / program management effort is a program charter that defines the program in order to ensure its success. Too many times projects begin without a…
The rumors are true, there is a new SANS audit class on the SANS courseware bookshelf. The course is Audit 407 – Foundations of Information Systems Audit. It’s a prequel…
So in this series of blog articles so far we have identified a number of different baseline scripts written in PowerShell. We hope that auditors and others will be able…
Today we’re going to continue blogging about scripts that we can use to create system baselines. (For a primer on why you might want to consider performing a system baseline…
