Operation Lockdown Update ~ Xojo Web App Security

Just a quick note today to bring you up to date on Operation Lockdown. As many of you may know, MSI began working with Xojo, Inc. a year or so ago, focusing on increasing the security of the web applications coded in the language and produced by their compiler. As such, we gave a talk last year at XDC in Orlando about the project and progress we had made. 

Today, I wanted to mention that we have again begun working on OpLockdown, and we remain focused on the stand-alone web applications generated by Xojo. 

Last week, Xojo released Xojo 2014R3 which contains a great many fixes from the project and our work.

The stand-alone web apps now use industry standard HTTP headers (this was true for the last couple of releases) and have the ability to do connection logging that will meet the compliance requirements for most regulatory guidelines.

Additionally, several denial-of-service conditions and non-RFC standard behaviors have been fixed since the project began.

My team will begin doing regression testing of the security issues we previously identified and will continue to seek out new vulnerabilities and other misbehaviors in the framework. We would like to extend our thanks to the folks at BKeeney Software who have been helping with the project, and to Xojo for their attention to the security issues, particularly to Greg O’Lone, who has been our attentive liaison and tech support. Together, we are focused on bringing you a better, safer and more powerful web application development platform so that you can keep making the killer apps of your dreams!

Hello from DayCon!

I have spent some time this week at DayCon in Dayton, Ohio. This is a small hacker conference, with attendance by invitation only. This year the event was focused on attack sources, emerging trends and new insights into the cutting edge of dealing with cyber-crime across many vertical markets and countries.

I speak later today, and I am focusing on the history of cyber-crime, the crime stream, the criminal value chain and how information coalesces before an attack. I look forward to my talk, especially given how engaged the crowd has been thus far with the other speakers. The hallway conversations have been great! 

Lots of variety in the speakers here, with professors, researchers, hackers and even some ICS/SCADA folks in attendance. Lots of good insights floating around and even a few new product ideas!

I’d highly suggest you check out DayCon next year.

PS – Also, looking at the calendar, we are prepping for DerbyCon next week. Come out and see us there. I will be speaking on the Stolen Data Impact Model (SDIM) project and other topics. Plus, as usual, we will be haunting the halls and swinging from the rafters! 🙂 See you in Louisville! 

Ask The Experts: Favorite HoneyPoint Component

This time around, we got a question from a client where HoneyPoint was being demoed for the experts.

Q: “What is your favorite component of HoneyPoint and why? How have you used it to catch the bad guys?”

Jim Klun started off with:

My favorite component is the simplest: HoneyPoint Agent. 

It’s ease of deployment and the simple fact that all alerts from an agent are of note – someone really did touch an internal service on a box where no such service legitimately exists – makes it attractive. 
No one will argue with you about meaning. 

I have recently seen it detect a new MSSQL worm (TCP 1433) within a large enterprise – information obtained from my own laptop. The Agent I had deployed on the laptop had a 1433 listener. It captured the payload from an attacking desktop box located in an office in another US state. 

The HoneyPoint Agent info was relayed to a corporate team that managed a global IPS. They confirmed the event and immediately updated their IPS that was – ideally – protecting several hundred thousand internal machines from attack. 

Honeypoint Agent: It’s simple, it works.

Adam Hostetler added his view:

I’m a simple, no frills guy, so I just like the regular old TCP listener component built into Agent. We have stood these up on many engagements and onsite visits and picked up unexpected traffic. Sometimes malware, sometimes a misconfiguration, or sometimes something innocuous (inventory management). I also find it useful for research by exposing it to the Internet.

John Davis closed with a different view:

My favorite HoneyPoint is Wasp. Watching how skilled attackers actually compromise whole networks by initially compromising one user machine gives me the shivers! Especially since most networks we see aren’t properly enclaved and monitored. If I were a CISO, knowing what is on my network at all times would be of primary importance; including what is going on on the client side! Wasp gets you that visibility and without all the traditional overhead and complexity of other end-point monitoring and white listing tools.

Have a question about HoneyPoint? Want to talk about your favorite component or use case scenario? Hit us on Twitter (@lbhuston or @microsolved). We can’t wait to hear from you. Feel free to send us your question for the experts. Readers whose questions we pick for the blog get a little surprise for their contribution. As always, thanks for reading and stay safe out there! 

3 Reasons I Believe in #CMHSecLunch

Around a year ago, (I know, it is hard to believe it has been a year), I started a quick and informal meet up group in Columbus, called #CMHSecLunch. The idea was simple:

  • Re-Create the “Hallway Con” effect on a monthly basis.

In this scenario, the Hallway Con is the best part of security events. It’s the one where you see old friends, make new ones and have great, warm and personal connections with them. I believe this is the core of why security events and conferences are so valuable. Beyond the skills training, marketing hype and presentations ~ the value of friendship, camaraderie and personal relationships remain.

Thus, I thought, what better way to encourage that part, than organizing events that focus on those goals. And thus, #CMHSecLunch was born. We have been meeting on the second Monday of each month at a rotating mall food court around the city. Response has been great! Sometimes there are a few of us (4 has been the smallest) and sometimes many of us (around 20 have been the largest meetings). But, people have gotten new jobs, found solutions to difficult security problems, met some new friends and saw people they missed.

Overall, it has been fun, entertaining and worthwhile.

We will be continuing the process into 2014 and here are at least three reasons I believe this approach and the #CMHSecLunch events are worth doing:

  1. I have gotten to see people connect, smile and re-unite for a quick bite of food, some laughs and great conversation. Since I am often referred to as the “Hippy Hacker”, you have to know that this alone makes me happy and makes me believe that the events are worthwhile. Whenever we connect with another and share with the community, good things happen! 
  2. New threats have been discussed that brought to light attacker motives, techniques and the width of their activity. If we don’t have lunch and discuss what we are seeing, then the bad guys win. They win even less, if we also have coffee and dessert afterwards. Nuff said! 🙂
  3. New projects have originated from the #CMHSecLunch discussions. In fact, several new projects. People have aligned, worked out some of their ideas and started working together to build talks, mathematical models, risk documents and various other useful tools. When a bunch of smart people eat and play together, often the outcome is stuff that helps all of us. So, being the origin of projects and stuff that helps the community is a fantastic thing. 

Why haven’t you attended (again)? 🙂

If I still haven’t persuaded you to check out the next #CMHSecLunch, (which you can find by clicking here), how about these quotes from people who have attended the event?

@TSGouge: Interaction with real live human beings, no screens involved! Food, jokes (that only another geek would get), getting my butt out of the office chair, and dialogue more rich than any conference or lecture…these are people who will now reach out and collaborate on problems or projects. To sum it all up: connections with people who get it.

@Cahnee: CMHSecLunch is a great way to get away from the craziness of work and spend time with infosec peers to talk about whats on everyones mind. We talk about current events and what each of us see as challenges facing us both professionally and personaly from an infosec perspectice.  Talk about encryption, mobile devices, NSA, DOD, etc.

@gisobiz: CMHSecLunch is a great thing! You meet with the like-minded people, or like-minded people wannabes and enjoy the food (great or not), but most importantly, the awesome conversation. You will get to know better people you already know, or make new friends.  Talking in an informal friendly environment takes the pressure off “being right” or “saying the right thing” which one encounters in a professional environment. Nobody will laugh at you or criticize you; in fact everyone is interested in your fresh (or stale) perspective on InfoSec or current events related to cyber security or anything else you care to share. And the really best thing is you get to learn from your colleagues, something you may not have an opportunity to learn otherwise.  It is like a miniature “geek” party in the best sense of the word. Or if you like – a mini-Black Hat conference. With food.

So, come on out next month and support the community. Have fun, grab a bite and engage with us, we are waiting for the view and insight that ONLY YOU can provide. Join us! 

Infosec, The World & YOU Episode 3 is Out!

Our newest episode is out, and this time we are joined by a very special guest, @TSGouge who discuss social engineering for companies and on the nation state scale. Victoria reveals her new plans to take over the world and Brent tries to keep up with these gals, who are straight up geniuses. We also pontificate on Syria and the potential for cyber-fallout from the action going on over there.

Check it out here

Have a global real world/cyber issue you want us to tackle? Observed an odd event that ties to a real world cause in the Internets? Drop us a line ~ we’d love to hear about it or get you on the show! 

You can find Brent on Twitter at @lbhuston and Victoria stars as @gisoboz. Get in touch! 

CMHSecLunch is Monday August 9th

This month’s CMHSecLunch is Monday, August 9th, 2013 at 11:30am. The location for this month is the Easton Mall food court. You can register here, or just show up. ADMISSION IS FREE!!!!!

Imagine hanging out with your infosec bestys, or meeting a new infosec connection that takes your career to the next level. Ever wondered what infosec experts eat, drink or why some of them only wear pastel shirts? This is YOUR chance to find out! 

We hope to see you there! 

Cyber SA from the Queensland Police Cyber Crime & Fraud Symposium…

Good day from Queensland Australia;

Today your are receiving Cyber SA from the 2013 Queensland Police Cyber Crime & Fraud Symposium…

Heard a variety of scintillating cyber fraud case histories from international law enforcement today as the 2013 Queensland Police Cyber Crime & Fraud Symposium Day One kicked off…other topics presented included data breach handling and online reputation remediation suggestions from some of Australia’s cyber duty experts in the field…

Enjoy today edition, albeit abbreviated, of Cyber Situational Awareness!

People’s Republic of Corruption Control…Discipline bodies launch website Globaltimes.cn |
The Central Commission for Discipline Inspection (CCDI) of the Communist Party of China (CPC) and theMinistry of Supervision on Monday jointly opened an official website, offering the public a new online channel to report corrupt officials
http://www.globaltimes.cn/content/808182.shtml#.UiWHQmSG1JE
People’s Republic of China’s quest for world-beating brand held back by regime
http://wanderingchina.org/2013/09/03/chinas-quest-for-world-beating-brand-held-back-by-regime-guardian-risingchina-branding/
Jiang Jiemin removed from office: authority – People’s Daily Online
http://english.peopledaily.com.cn/90785/8387285.html
Yahoo Kills Chinese Services
http://www.techweekeurope.co.uk/news/yahoo-pulling-out-of-china-126178
Targeted Attacks Deliver Disassembled Malware |
http://www.symantec.com/connect/blogs/targeted-attacks-deliver-disassembled-malware

Chinese look for greater influence in UK nuclear programme
http://www.powerengineeringint.com/articles/2013/09/chinese-look-for-greater-influence-in-uk-nuclear-programme.html
People’s Republic of China’s Lenovo CEO to Share $3 Million Bonus With 10,000 Employees The Diplomat |
http://thediplomat.com/tech-biz/2013/09/03/lenovo-ceo-to-share-3-million-bonus-with-10000-employees/
People’s Republic of China-Russia Ties Deepen
http://thediplomat.com/china-power/china-russia-ties-deepen/

Citadel Makes a Comeback, Targets Japan Users |
http://blog.trendmicro.com/trendlabs-security-intelligence/citadel-makes-a-comeback-targets-japan-users/
Fraud and ATM attacks hit Germany hard
http://www.net-security.org/secworld.php?id=15495
Learning From One of the Most Successful Industry Verticals — Cybercrime
http://hacksurfer.com/amplifications/253-learning-from-one-of-the-most-successful-industry-verticals-8212-cybercrime

The TAO of NSA
http://www.net-security.org/secworld.php?id=15500&
NSA tops up exploit pool with $25m in ‘grey market‘ vulnerabilities
http://www.cso.com.au/article/525241/nsa_tops_up_exploit_pool_25m_grey_market_vulnerabilities_/
Cyber Warfare: Government-Endorsed Surveillance
http://www.ibtimes.co.uk/special-reports/3338/cyber-warfare-government-endorsed-surveillance.html
More illegal NSA spying activities leaked – Xinhua | English.news.cn
http://news.xinhuanet.com/english/world/2013-09/02/c_132684366.htm

Semper Fi,

謝謝,
紅龍!

Cyber SA ~ Queensland, Australia 2400Z1SEP2013

Good day from Queensland , Australia…

Today’s cyber SA greeted the Red Dragon with a notification that his name had been used in a targeted hacking attack…data breach and data loss resulted…and BTW ‘check your travel arrangements for compromise’ as your records were violated digitally…yikes!

Nonetheless – much more in today’s issue of Cyber SA for you to enjoy…

US cyber attacks ‘targeted Russia, People’s Republic of China, Iran and North Korea’
http://www.news.com.au/technology/us-cyber-attacks-targeted-russia-china-iran-and-north-korea-according-to-washington-post/story-e6frfro0-1226708363415?f

Taiwan probes HTC staff over theft of trade secrets…destination: People’s Republic of China
http://www.scmp.com/news/china/article/1300866/taiwan-probes-htc-staff-over-secrets-theft
Cyber Kleptomaniacs: Why the People’s Republic of China Steals Our Secrets
http://www.worldaffairsjournal.org/article/cyber-kleptomaniacs-why-china-steals-our-secrets
Three HTC Employees Suspected Of Selling Design Secrets To People’s Republic of China
http://www.businessinsider.com.au/three-htc-employees-suspected-of-selling-design-secrets-to-china-2013-8?
“People’s Republic of China actively engaging in kinetic & directed -energy based weapons systems…

China Studying as US launches new rocket carrying spy satellite – SCI_TECH – Globaltimes.cn
http://www.globaltimes.cn/content/807212.shtml#.UiPF_2SG1JE
China Studies: US sends new military satellite into orbit – SCI_TECH – Globaltimes.cn
http://www.globaltimes.cn/content/802482.shtml#.UiPGEmSG1JE

People’s Republic of Cyber Espionage … Xi’an Couple Jailed for Selling Hi-Technology State Secrets
http://www.militaryy.cn/html/52/n-93052.html

People’s Republic of China’s War On Online Gossip Is Starting To Get Scary
http://www.businessinsider.com.au/china-is-waging-a-war-on-online-rumors-2013-8?
People’s Republic of China’s “seven base lines” for a clean internet
http://cmp.hku.hk/2013/08/27/33916/
Canadian fellow tracks China’s censored words
http://www.cbc.ca/news/canada/toronto/story/2013/08/29/toronto-university-munk-school-sina-weibo-censor.html
Netizens & companies behind People’s Republic of China’s $39 billion search engine market (INFOGRAPHIC)
http://www.techinasia.com/china-39-billion-dollar-search-engine-market-in-2013/?
Chinese “black PR” firm controlled hundreds of verified Weibo users, raked in millions
http://www.techinasia.com/chinese-black-pr-firm-controlled-hundreds-verified-weibo-users-raked-millions/?
An Inside Look at the People’s Republic of China’s Censorship Tools
http://blogs.wsj.com/chinarealtime/2013/08/30/an-inside-look-at-chinas-censorship-tools/?
Top microbloggers must well handle discourse power – People’s Daily Online
http://english.peopledaily.com.cn/90782/207872/8385107.html

Beijing security expert calls for greater openness and transparency in Xinjiang
Says Chinese Government should stop information blockades…

http://www.scmp.com/news/china/article/1301450/beijing-security-expert-calls-greater-openness-and-transparency-xinjiang
Attack on rumours a step backwards for transparency in People’s Republic of China
http://www.scmp.com/news/china/article/1301448/attack-rumours-step-backwards-transparency

China investigating corruption allegations against state asset regulator Jiang Jiemin
A move to bring down Zhou Yongkang, the widely-feared former head of China’s security apparatus, has claimed the scalp of one of his senior lieutenants, the former chairman of the giant oil monopoly China National Petroleum Company (CNPC)

http://www.telegraph.co.uk/news/worldnews/asia/china/10278672/China-investigating-corruption-allegations-against-state-asset-regulator-Jiang-Jiemin.html
People’s Republic of China’s Army Day Coverage Stresses Winning Battles with “Dream of a Strong Military”
http://www.jamestown.org/programs/chinabrief/single/?tx_ttnews%5Btt_news%5D=41300&cHash=d9441328a6f257f9f39db71ae6815333#.UiOh3WSG1JE

Mesh networks can help Asia avoid censorship and recover from disasters
http://www.techinasia.com/mesh-networking-asia-avoid-censorship-recover-disasters/?

First free, public malware database launched in Taiwan|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130831000004&cid=1103

People’s Republic of China’s Huawei spokesman tells Intelligence Committee chair to ‘stow it’
http://www.bizjournals.com/sanjose/news/2013/08/30/huawei-spokesman-tells-intelligence.html
People’s Republic of China’s ZTE steps up lobbying after spy fears block US contracts
http://www.scmp.com/business/china-business/article/1300810/zte-steps-lobbying-after-spy-fears-block-us-contracts
EXCLUSIVE TEST: People’s Republic of China’s Huawei switch: Good first effort
http://www.itworld.com/networking/371054/exclusive-test-huawei-switch-good-first-effort
People’s Republic of China’s quest for world-beating brand held back by regime
OP Middle Kingdom…

http://www.theguardian.com/business/2013/sep/01/chinese-brands-thinking-west
Corrupt, anonymous and in thrall to the party – People’s Republic of China is not the new Japan
http://www.theguardian.com/world/2013/sep/01/china-japan-corrupt-anonymous-party
People’s Republic of China Pakistan pledge to further boost military ties Lastupdate:- Sun, 1 Sep 2013 18:30:00
http://www.greaterkashmir.com/news/2013/Sep/1/china-pakistan-pledge-to-further-boost-military-ties-68.asp
Policy resolves foreigners’ visa extension issue: China
http://www.chinapost.com.tw/china/national-news/2013/09/01/387847/Policy-resolves.htm
People’s Republic of China Moves to Isolate Philippines, Japan
http://thediplomat.com/the-editor/2013/08/30/china-moves-to-isolate-philippines-japan/

An American Cyberoperations Offensive
http://www.nytimes.com/2013/09/01/world/americas/documents-detail-cyberoperations-by-us.html?
Feds plow $10 billion into “groundbreaking” crypto-cracking program
Consolidated Cryptologic Program has 35,000 employees working to defeat enemy crypto.
http://arstechnica.com/security/2013/08/feds-plow-10-billion-into-groundbreaking-crypto-cracking-program/
US Intelligence Community: The World’s 4th Largest Military?
http://thediplomat.com/flashpoints-blog/2013/08/30/us-intelligence-community-the-worlds-4th-largest-military/

Iran plays key role in global campaign against terrorism: intelligence minister
http://www.tehrantimes.com/politics/110416-iran-plays-key-role-in-global-campaign-against-terrorism-intelligence-minister
Why the U.S. Should Use Cyber Weapons Against Syria
http://www.defenseone.com/technology/2013/08/why-us-should-use-cyber-weapons-against-syria/69776/
Drums of cyber war grow louder
http://www.arabnews.com/news/463050
Syria’s largest city just dropped off the Internet
http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/30/syrias-largest-city-just-dropped-off-the-internet/
Syrian Electronic Army: If U.S. Attacks ‘We Will Target All of It’
http://mashable.com/2013/08/30/syrian-electronic-army-interview/
Attacking Syria may lead to missile strikes, cyber warfare and terror attacks on US soil, warn military experts
http://www.dailymail.co.uk/news/article-2405362/Attacking-Syria-lead-terror-attacks-cyber-warfare-missile-attacks-US-soil-warn-military-experts.html

Report: Spy Agencies’ ‘Black Budget’ Reveals Intelligence Gaps : NPR
http://www.npr.org/blogs/thetwo-way/2013/08/29/216873944/report-spy-agencies-black-budget-reveals-intelligence-gaps?f
These are the companies alleged to have links to the NSA surveillance scandal
http://gigaom.com/2013/08/30/these-are-the-companies-alleged-to-have-links-to-the-nsa-surveillance-scandal/
Exclusive: Army Admits To Major Computer Security Flaw
Army’s Deputy of Cybersecurity says a security failure can allow unauthorized access to computer files. Instead of fixing it, they are telling soldiers to be more careful.

http://www.buzzfeed.com/justinesharrock/exclusive-army-admits-to-major-computer-security-flaw
NSA misused PRISM – Spied on Al Jazeera, bugged UN headquarters and used for personal spying
http://thehackernews.com/2013/08/nsa-misused-prism-spied-on-al-jazeera.html

Semper Fi ~

謝謝,
紅龍!

Ask The Experts: New Device Check Lists

This time around on Ask The Experts, we have a question from a reader and it got some great responses from the team:

 

Q: “I need a quick 10 item or less checklist that I can apply to new devices when my company wants to put them on our network. What kinds of things should I do before they get deployed and are in use around the company?”

 

Bill Hagestad started us off with:

The Top 10 checklist items a CISO/or equivalent authority should effectively manage before installing, configuring and managing new devices on a network includes the following;

 

1)Organize your staff and prepare them for the overall task of documenting and diagramming your network infrastructure – give them your commander’s network management intent;

2)Create a physical and logical network map – encourage feedback from your team regarding placement of new hardware and software;

3)Use industry standards for your network including physical and logical security, take a good look at NIST Special Publication SP 800-XX Series;

4)Make certain that you and your team are aware of the requisite compliance standards for your business and industry, it will help to ensure you are within legal guidelines before installing new devices or perhaps you may discover the hardware or software you are considering isn’t necessary after all;

5)Ensure that after you have created the necessary network maps for your infrastructure in Step 2) above, conduct a through inventory of all infrastructure which is both critical and important to your business, then document this baseline;

6)Create a hardware/software configuration change procedure; or if you already have his inlace, have your team review it for accuracy; make certain everyone on the team knows to document all changes/moves/additions on the network;

7)Focus not only on the correlation of newly implemented devices on the internal networks but also look at the dependencies and effects on external infrastructure such as voice/data networks – nothing worse than making an internal change to your network and having your Internet go down unnecessarily;

8)Ensure that new network devices being considered integrate gracefully into your existing logging and alerting mechanisms; no need to install something new only to have to recreate the proverbial wheel in order to monitor it;

9)Consider the second & third order effects of newly installed devices on the infrastructure and their potential impact on remote workers and mobile devices used on the network;

10)Install HoneyPoint Security Server (HPSS) to agentlessly & seamlessly monitor external and potential internal threats to your newly configured network….

 

Of course a very authoritative guide is published by the national Security Agency called appropriately “Manageable Network Plan” and available for download @:

 

http://www.nsa.gov/ia/_files/vtechrep/ManageableNetworkPlan.pdf


Jim Klun added:

1. Make sure the device is necessary and not just a whim on the part of management.   Explain that each new device increases risk. 

2. If the device’s function can be performed by an existing internal service, use that service instead. 

3. Inventory new devices by name, IP addresses, function and – most importantly – owners.  There should be a device owner and a business owner who can verify continued need for the device.  Email those owners regularly,   querying them about continued need. Make sure that these folks have an acknowledged role to support the application running on the devices and are accountable for its security. 

4. Research the device and the application(s) its support.  Have no black boxes in your datacenter.  Include an abstract of this in the inventory. 

5. Make sure a maintenance program is in place – hold the app and device owner accountable. 

6. Do a security audit of the device wehn fully configured. Hit it with vulnerability scanners and make sure that this happens at least quarterly. 

7. Make sure monitoring is in place and make very sure all support staff are aware of the device and any alerts it may generate. Do not blind-side the operations staff. 

8. If the device can log its activities ( system and application ) to a central log repository, ensure that happens as part of deployment. 

9. Make sure the device is properly placed in your network architecture. Internet-exposed systems should be isolated in an Internet DMZ.  Systems holding sensitive data should similarly be isolated. 

10. Restrict access to the device as narrowly as possible. 

 

Finally.. if you can, for every device in your environment, log its network traffic and create a summary of what is “normal” for that device.  

Your first indication of a compromise is often a change in the way a system “talks”. 

 

Adam Hostetler chimed in with: 

Will vary a lot depending on device, but here are some suggestions

 

1. Ensure any default values are changed. Passwords, SNMP strings, wireless settings etc.

2. Disable any unnecessary services

3. Ensure it’s running the latest firmware/OS/software

4. Add the device to your inventory/map, catalog MAC address, owner/admin, etc.

5. Perform a small risk assessment on the device. What kind of risk does it introduce to your environment? Is it worth it?

6. Test and update the device in a separate dev segment, if you have one.

7. Make sure the device fits in with corporate usage policies

8. Perform a vulnerability assessment against the device. 

9. Search the internet for any known issues, vulnerabilities or exploits that might effect the device.

  1. Configure the device to send logs to your logging server or SEIM, if you have one.

 

And John Davis got the last word by adding: 

From a risk management perspective, the most important thing a CISO needs to ensure is in place before new devices are implemented on the network is a formal, documented Systems Development Life Cycle or Change Management program. Having such a program in place means that all changes to the system are planned and documented, that security requirements and risk have been assessed before devices have purchased and installed, that system configuration and maintenance issues have been addressed, that the new devices are included in business continuity planning, that proper testing of devices (before and after implementation on the network) is undertaken and more. If a good SDLC/Change Management program is not in place, CISOs should ensure that development and implementation of the program is given a high priority among the tasks they wish to accomplish.

 

Whew, that was a great question and there is some amazing advice here from the experts! Thanks for reading, and until next time, stay safe out there! 

 

Got a question for the experts? Give us a shout on Twitter (@microsolved or @lbhuston) and we’ll base a column on your questions!

Yo, MSI Raps Podcast Episode 1

This is the latest version of Yo, MSI Raps. We have decided to make these episodes open to public finally, so we will start with this one.

This is an open round table discussion between members of the MSI Technical Team. It is candid, friendly and, we hope, interesting. 🙂

This time around, the team talks about privacy, the news around the NSA collection of data and impacts of surveillance on liberty. 

You can check out the podcast here!

Look for these sessions to be released more frequently and on topics that are in the news. We hope you enjoy them, and feel free to give us feedback via Twitter (@lbhuston or @microsolved) and/or via the comments section.

Thanks for listening!