|
Russ McRee's HolisticInfoSec.org is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve infosec for all who seek to do so. Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in ISSA Journal's toolsmith. As well we know, those who would do harm never rest: protect your own.
Practice simplicity
Seek to be proactive, rather than reactive
Think creatively, but adhere to standards
Employ best practices |
|
|
The IT Infrastructure Threat Modeling Guide, a Solutions Accelerator I've written with the Solution Accelerators for Security and Compliance team is now available for download via the Technet Library and the Download Center. Networkworld's kind coverage of the guide's release provides additional insight. |
|
|
Russ's ISSA Journal article, Anatomy of an XSS Attack, is now also featured at Infosec Writers . This is a unique effort written in the 1st person, as a cybercriminal, to exemplify the grave harm that can come to users and consumers when cross-site scripting (XSS) vulnerabilities are left unmitigated. With kind permission from the ISSA Journal, holistiinfosec.org is able to bring non-members the pdf copy of Anatomy of an XSS Attack. Please consider joining the ISSA today. |
|
July's toolsmith examines Malzilla, a program useful for exploring malicious Web pages. In August, we'll take a close look at AIRT , the Application for Incident Response Teams . toolsmith offers insights on tools useful to the infosec practitioner, typically open source or inexpensive. The ISSA Journal is available to members in print and online at issa.org. Article copies are available on the toolsmith page. |
|
|
