HolisticInfoSec.org's Russ McRee writes regularly regarding information security topics in the hope of sharing knowledge and resources with a wide audience.
The ISSA Journal is available to members in print and online at issa.org. Article copies are available on the toolsmith page.
The September 2012 issue of Information Security magazine, as part of TechTarget's SearchSecurity, includes Russ' article Mobile application security best practices in a BYOD world.
InfoSec Resources, part of the InfoSec Institute, has published Russ' article OWASP Top Ten Tools and Tactics, which discusses a tool for each of the OWASP Top 10 to aid in discovering and remediating each vulnerability type.
InfoSec Resources also offers Security Incident Response Testing To Meet Audit Requirements, Russ's article on practical guidance and tools to ensure maximum readiness for incident response teams including drill tactics.
SearchFinancialSecurity.com features three of Russ' articles:
Russ' article regarding security data visualization is available in Issue 106 (September 2009) of Linux Magazine.
Additionally, his article regarding the open source laptop tracking and recovery offering Adeona is available in Issue 100 (March 2009) of Linux Magazine.
Russ' article, Safe Keeping, regarding TrueCrypt, is now available in Information Security magazine. July 2008's (IN)SECURE features Russ's article Open Redirect Vulnerabilities: Definition and Prevention. Download Issue 17.
TrueCrypt is an open source laptop encryption alternative for your organization.
This article also includes a sidebar on Adeona, an open source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service.
June's ISSA Journal features Russ's article, Anatomy of an XSS Attack, as its title piece. This is a unique effort written in the first person, as a cybercriminal, to exemplify the grave harm that can come to users and consumers when cross-site scripting (XSS) vulnerabilities are left unmitigated. With kind permission from the ISSA Journal, holisticinfosec.org is able to bring non-members the PDF copy of Anatomy of an XSS Attack. Please consider joining the ISSA today.
Testy Eft, Russ's article on security testing with nUbuntu, is available in the November 2007 issue 84 of Linux Magazine.
A piece titled Putting Snort to Work, covering Network Security Monitoring and Sguil via Knoppix-NSM, is available in the October 2007 Information Security Magazine.
OWASP offers Secure Web App Server in its Papers collection. The paper covers the use of SELinux, iptables, mod_jk, mod_security, and mod_evasive to build a secure web app server. This paper is a living document, updated as needed to stay current. Current version is 1.3 with change notes included.
SMaK - Smoothwall, MySQL and Kiwi Syslog Daemon: Cost Effective Firewall and Logging with Database and Analysis
Systems Security Assessment: A Simple Baseline
Guest Blog Posts
Microsoft Internet Explorer Blog: Statistical Validation of the IE8 XSS Filter
Microsoft Malware Protection Center Threat Research & Response Blog: Another Reason to Avoid Piracy