Andy Green

As I wrote in another post, HR records are considered personal data and covered under the General Data Protection Regulation (GDPR). Since I keep on hearing from people who should...

We’re more than a year into the General Data Protection Regulation (GDPR) era, and we now have a few enforcement actions under our belts as data points. Earlier in 2019,...

After the devastating Equifax incident, the New York State legislature introduced the Stop Hacks and Improve Electronic Data Security or SHIELD Act in order to update the  existing  breach rules....

User Behavior Analytics or UBA was and still is the term for describing searching for patterns of usage that indicate unusual computing activities — regardless of whether it’s coming from...

 I’ve been on a mission the last few months to bring  basic knowledge about data security to the upper reaches of the organization. Our C-level readers and other executives, who...

In 2018, the California Consumer Privacy Act (CCPA) was signed into law. Its goal is to extend consumer privacy protections to the internet. The CCPA was heavily influenced by the...

In case you haven’t noticed, we’ve been championing PowerShell as a pentesting tool in more than a few blog posts. One big reason to learn PowerShell and use it to...

Did you ever have the urge to put together a few PowerShell scripts leveraging the Windows Management Interface (WMI) to create your own file security monitoring package? My advice: wait...

It’s a familiar data security story: under-patched Windows software, hidden security vulnerabilities, and hackers who know how to exploit them. But if the patch involves Windows Remote Desk Protocol (RDP),...

I’ve already written about the fundamentals of security analytics. To review: it’s the process of aggregating, correlating, and applying other more advanced techniques to raw event data in order to...