Thursday 16 June 2016

ePolicy Orchestrator update fixes multiple Oracle Java vulnerabilities - May 2016

ePO is vulnerable to multiple CVEs reported in Oracle's April 2016 Java SE update. Collectively, these vulnerabilities affect confidentiality, integrity, and availability of the server.

Monday 13 June 2016

(ISC)2 SecureLondon 2016


This conference explores the impact of the rise of the virtual organisation on security practice; the solutions that are emerging to tackle this environment; and the lessons being learned within professional practice. Acknowledging the need to step away from the technology–driven approach that often dominates traditional systems security management, delegates will explore the foundational concepts that drive security and still apply in a world that is designed to be much less defined than in the past.
(ISC)2Members - Free
(ISC)2 Chapter Members: 50% discount
ISF Members: 15%
ISSA/ISACA Members: 10% discount
Registration available here

Friday 10 June 2016

PSRemoting Domain Controllers - Least Privilege access

Remoting Domain Controllers can speed up SysAdmin operations and enable SysAdmins to schedule automation tasks, lets be honest thats why we like Powershell so much.  Being able to remote a domain controller requires elevated permissions and based on the Principle of least privilege we don't want to configure scheduled tasks using Domain Admin credentials.

Thursday 9 June 2016

Becoming an Associate of (ISC)2


With the shortfall in the cybersecurity workforce projected to be 1.5 million globally in five years*, businesses are pressed to find qualified candidates to protect their organisation against cyber threats. The need for candidates to prove their capability is more important than ever.
The Associate of (ISC)² allows those just starting out in the information security workforce to demonstrate their competence in the field. Associates have passed a rigorous (ISC)² certification exam, proving their cybersecurity knowledge, and maintaining their continuing professional education (CPE) requirements while working toward completing the experience requirements to become fully certified as a CISSP, SSCP, CCSP, HCISPP, CCFP, CAP or CSSLP.

*2015 Global Information Security Workforce Study