I have developed a bit of an obsession with Hack the Box as of late. Over the past few weeks, I’ve completed seven boxes, climbing…
This post walks through an iterative approach to moving your organization’s Microsoft environment to modern authentication and away from legacy (aka basic) authentication. Legacy authentication…
Are we not like the credit ratings agencies? We are paid by a company to rate something they own or have created. Michael Lewis had…
Identity proofing is key to starting the relationship between a user and your digital service. This is the “Before we start, I’ll need some information…
Last month I wrote and passed the Microsoft Azure Security Technologies exam, which makes me an Azure Security Engineer Associate. I’d been meaning to do…
Are vendors doing the right thing when they patch systems that are out of support? Or are they allowing customers to shirk their responsibilities? The…
It is easy to get lost in lengthy checklists and spreadsheets during a cybersecurity risk assessment. While the detailed checking of vulnerabilities and safeguards is…
NIST is great in many areas but I find their material on identity management really stands out, and their set of Digital Digital Identity Guidelines…
NIST’s cybersecurity and risk material is awesome but its size and detail can be overwhelming. You make your way through one of their long, in-depth…