-
Apr 14, 2017
Data Security Compliance and DatAdvantage, Part II: More on Risk Assessment
I can’t really overstate the importance of risk assessments in data security standards. It’s really at the core of everything you subsequently do in a security program. In this post...
Michael Buckbee
5 min read
-
Apr 03, 2017
Data Security Compliance and DatAdvantage, Part I: Essential Reports for Risk Assessment
Over the last few years, I’ve written about many different data security standards, data laws, and regulations. So I feel comfortable in saying there are some similarities in the EU’s...
Michael Buckbee
4 min read
-
Mar 22, 2017
Practical PowerShell for IT Security, Part II: File Access Analytics (FAA)
In working on this series, I almost feel that with PowerShell we have technology that somehow time-traveled back from the future. Remember on Star Trek – the original of course...
Michael Buckbee
7 min read
-
Mar 08, 2017
Practical PowerShell for IT Security, Part I: File Event Monitoring
Back when I was writing the ultimate penetration testing series to help humankind deal with hackers, I came across some interesting PowerShell cmdlets and techniques. I made the remarkable discovery...
Michael Buckbee
5 min read
-
Feb 08, 2017
Binge Read Our Pen Testing Active Directory Series
With winter storm Niko now on its extended road trip, it’s not too late, at least here in the East Coast, to make a few snow day plans. Sure you...
Michael Buckbee
1 min read
-
Jan 27, 2017
Pen Testing Active Directory Environments, Part VI: The Final Case
If you’ve come this far in the series, I think you’ll agree that security pros have to move beyond checking off lists. The mind of the hacker is all about making...
Michael Buckbee
5 min read
-
Jan 20, 2017
Connecting Your Data Strategy to Analytics: Eight Questions to Ask
Big data has ushered in a new executive role over the past few years. The chief data officer or CDO now joins the C-level club, tasked with leveraging data science...
Michael Buckbee
3 min read
-
Jan 17, 2017
Pen Testing Active Directory Environments, Part V: Admins and Graphs
If you’ve survived my last blog post, you know that Active Directory group structures can be used as powerful weapons by hackers. Our job as pen testers is to borrow...
Michael Buckbee
6 min read
-
Jan 12, 2017
How to setup a SPF record to prevent spam and spear phishing
Some things go together like peanut butter and jelly: delicious, delightful and a good alternative to my dad’s “Thai-Italian Fusion” dinner experiments as a kid. When other things are combined...
Michael Buckbee
6 min read
-
Jan 04, 2017
Pen Testing Active Directory Environments, Part IV: Graph Fun
If we haven’t already learned from playing six degrees of Kevin Bacon, then certainly Facebook and Linkedin have taught us we’re all connected. Many of the same ideas of connectedness...
Michael Buckbee
4 min read
-
Dec 22, 2016
I’m Alan Cizenski, Corporate Systems Engineer at Varonis, and This is How I Work
Alan Cizenski is a Corporate Systems Engineer at Varonis. Based in our New York City office, he is responsible for making sure Varonis solutions work smoothly for our prospective customers....
Michael Buckbee
4 min read
-
Dec 21, 2016
Ransomware: Legal Cheat Sheet for Breach Notification
You respond to a ransomware attack in many of the same ways you would to any other cyber attack. In short: have plans in place to analyze the malware, contain...
Michael Buckbee
3 min read