hayner.net

I survived the CISSP and I miiiiiiight get a t-shirt?

Jun 19, 2022 · 11 min read · Certification ISC2 CISSP Personal ·

So, after much rending of garments and gnashing of teeth (e.g., complaining), I passed the CISSP.
Let's talk about that.

Fixing A Hole Where The Cybercrime Gets In

May 9, 2022 · 10 min read · Cost-Management Strategy ·

Share on:

Security doesn't have to be a massive financial hardship. In fact, there are a great number of things that can be done in your organization to make systems and applications more secure. This post outlines some of the most helpful that can be used to make your organization more secure.

Security Wants To Be Free

May 2, 2022 · 8 min read · Cost-Management Strategy ·

Share on:

Not all security needs to come with a price tag, and organizations shouldn't give up on becoming more secure because of cost concerns. A lot of security comes down to education, mindset, and taking advantage of the security built into products and technologies that you already own.

ZPE Takes Out-Of-Band (You Guessed It) To The Cloud

Apr 26, 2022 · 8 min read · XFD7 Datacenter Security ·

Share on:

The basic idea behind out-of-band networks is simple: Don't put management interfaces on a public subnet. ZPE's products do this in a very modern way- but they also provide a lot more security and flexibility than a run of the mill KVM solution.

Reinventing the, uh, script, with Github Copilot

Apr 10, 2022 · 9 min read · Github Microsoft Copilot Bash-Scripting ·

Share on:

GitHub Copilot is a GPT-3 based AI tool that helps programmers write code faster. It definitely has value, but it comes with legitimate caveats that programmers and IT managers alike need to take into consideration before relying on it.

Yes, You Do Need A Password Manager, Brett. Yes You Do!

Apr 2, 2022 · 7 min read · Password-Managers Passwords Personal-security ·

Share on:

A Password Manager is an essential security feature for individual users and enterprises alike. The average internet denizen has to remember 70-80 passwords and accounts, and using the same few passwords over and over is very insecure. Now add in enterprises, who need to secure more than just passwords alone.

Microsoft's Security Vision: Let Our Acronyms Scan All Your Things

Mar 31, 2022 · 9 min read · XFD7 Microsoft Threat-Detection ·

Share on:

Microsoft presented their modern security vision this past week at Gestalt IT’s Security Field Day 7. They highlighted the importance of interconnectedness as a security practice as part of their “SIEM+XDM” security vision. The technology is compelling, but questions about manageability (and cost) remain.

Security Field Day 7 - Details

Mar 25, 2022 · 1 min read · Conference GestaltIt XFD7 ·

Share on:

I attended a very valuable and unique tech conference called "Security Field Day," put on by Gestalt IT. Read on to learn a little more about the event.

Protect Your Data Too, Plz

Mar 16, 2022 · 5 min read · Storage Zero-Trust Defense-In-Depth ·

Share on:

Security conversations often revolve around outwardly-facing edge technologies like firewalls and IDS. These help harden the shell against external threats, but internal threats are just as dangerous. Data is what attackers want, which is why it's just as important to be vigilant about security inside the perimeter.

Quick! No Shortcuts!

Mar 14, 2022 · 5 min read · NIST 800-53 Policy Continuous-Improvement ·

Share on:

Constant technological progress means that IT Security is always evolving to keep up. The recent release of NIST SP 800-53a (rev 5) is a reminder of this. Staying current with security policy is tiring, but keeping up with it (and keeping ahead of the attacks that are evolving is just as fast) is essential.