Blog

Cloud Security Auditing With Steampipe

This post talks about how we use different tools to accomplish different tasks in a cloud security context, zooming in […]

Creating a Security Culture

June 10, 2021

Protecting your company requires a robust security program with documented policies and processes; but without consistent, thorough execution of those […]

5 Quick Wins to Improve Your Security Posture Instantly

May 26, 2021

Because of their size, small companies are especially vulnerable to cyber-attacks. Bad actors looking for quick wins are playing the […]

Email from a Security Researcher

February 23, 2021

Yesterday, for the Nth time, a client had a “security researcher” send an email about a “high-impact” security vulnerability. I’ve […]

Epic Security Failure and Risk

December 17, 2020

All I could do was facepalm after somebody pointed me to an article about how Microsoft unleashed a death star […]

Risk and Threat Modeling with Mind Maps

November 10, 2020

In security we talk a lot about understanding risk. That informs the advice we give and decisions we make. A […]

Lets Talk About Blockchain

October 28, 2020

Let’s talk about Blockchain. I think many people in the security world are already appropriately skeptical of all of the […]

Crush Github Action

October 20, 2020

Everyone is talking about pushing left. I feel like I’ve been talking about Agile Security since like 2010. Whatever we’re […]

Your First Security Hire

June 11, 2020

We often talk with companies that are thinking about hiring an FTE to help them with security. This post covers […]

App Meta Security Information

May 7, 2020

When we implement security programs, we often advise clients to build an inventory of their applications. There are a lot […]

« Previous 1 2 3 4 5 … 8 Next »

Popular Tags

, , , , , , , , , , , , , , , , ,

Ready to get started?

Build a comprehensive security program using our proven model.

Schedule a meeting

Request a proposal

BLOG