NIST SP 800-177 Revision 1: “Trustworthy Email”
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-177 Revision 1, that includes security recommendations for achieving "Trustworthy Email." SP 800-177 Rev 1 includes updated guidelines for securing email ...
Read More
Read More
NIST SP 1800-4: Mobile Device Security
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 1800-4, that includes security guidelines for mobile device security in cloud and hybrid environments. The latest SP 1800-4 document titled "Mobile ...
Read More
Read More
NIST SP 800-37 Rev. 2: Risk Management Framework for Information Systems and Organizations
The National Institute of Standards and Technology (NIST) has released its Security Publication (SP) 800-37 Rev. 2: "Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy." SP ...
Read More
Read More
Many organizations lacking adoption of key CIS controls
A recent survey conducted by Tripwire revealed organizations are not fully adopting security controls from key benchmarks, such as the Center for Internet Security (CIS). CIS established the "top 20" set of critical security controls ...
Read More
Read More
PCI DSS 3.2.1 release
The PCI Security Standards Council (PCI SSC) has published a minor revision to the PCI Data Security Standard (PCI DSS) many businesses use to safeguard payment card data. The latest version 3.2.1 replaces the previous ...
Read More
Read More
New CIS Controls V7 released
The Center for Internet Security (CIS) has released its next revision (Version 7) of the top 20 Critical Security Controls. The CIS controls are a recommended set of cyber defense actions that provide detailed and actionable ways to ...
Read More
Read More
PCI security standards for mobile point of sale
The PCI Security Standards Council (PCI SSC) announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf devices (COTS), to include smartphones and tablets. According to the press release on Wednesday, the PCI Software-Based PIN ...
Read More
Read More
My 6 Favorite Mac Security Hardening Recommendations
In the wake of Apple's most recent and embarassing blunder regarding the macOS High Sierra root login flaw, I felt it was a good time to revisit Apple Mac hardening guidelines that can help users ...
Read More
Read More
What Are Application Containers And How Do I Secure Them?
test You may have wondered what application containers are, let alone how to secure them. The National Institute of Standards and Technology (NIST) sets out to explain the benefits and security concerns with application container ...
Read More
Read More
New Email Security Guidelines To Combat Phishing Threats
The NIST standard, SP 800-177 Revision 1, Trustworthy Email (Draft) was released last month and offers up-to-date security guidance to include SPF, DKIM, DMARC, and email digital signatures and encryption (via S/MIME), among others. Update: ...
Read More
Read More
