Article: A Report Template for Incident Response - published 8 months ago.
Content: Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well. We created suc...
Copy Link: https://zeltser.com/incident-response-report-template/   
Published: 2023 09 13 14:39:17
Received: 2024 04 05 20:45:02
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How Security Can Better Support Software Engineering Teams - published 7 months ago.
Content: As the CISO at a tech company, my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the software de...
Copy Link: https://zeltser.com/securing-software-products/   
Published: 2023 10 05 18:53:35
Received: 2024 04 05 20:45:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: 3 Opportunities for Cybersecurity Leaders Who Choose to Stay - published 4 months ago.
Content: Several years into your role as a security leader at a company, you’ll reach a point when you ask yourself, “What’s next for me?” This article discusses three ways to proceed if you choose to stay at your current organization. (It was co-authored by Yael Nagler and Lenny Zeltser.) At this point in your CISO tenure, you know your way around the company, y...
Copy Link: https://zeltser.com/three-ciso-opportunities-when-staying/   
Published: 2024 01 18 13:40:23
Received: 2024 04 05 20:45:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Distribute Cybersecurity Tasks with Diffusion of Responsibility in Mind - published 6 months ago.
Content: The notion that security is everyone’s responsibility in computer systems dates back to at least the early 1980s when it was included in a US Navy training manual and hearings in the US House of Representatives. Behind the pithy slogan is the idea that every person in the organization contributes to its security program. Even if the company has employees wi...
Copy Link: https://zeltser.com/distribute-cybersecurity-tasks/   
Published: 2023 11 03 17:46:53
Received: 2024 01 18 13:44:09
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: 3 Opportunities for Cybersecurity Leaders Who Choose to Stay - published 4 months ago.
Content: Several years into your role as a security leader at a company, you’ll reach a point when you ask yourself, “What’s next for me?” This article discusses three ways to proceed if you choose to stay at your current organization. (This post was co-authored by Yael Nagler and Lenny Zeltser.) At this point in your CISO tenure, you know your way around the com...
Copy Link: https://zeltser.com/three-ciso-opportunities-when-staying/   
Published: 2024 01 18 13:40:23
Received: 2024 01 18 13:44:09
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Shift Your Mindset from Conflict to Collaboration to Succeed in Security - published about 1 year ago.
Content: In the two decades I've spent in cybersecurity, I've observed and experienced the fighting spirit of security professionals: When tasked with safeguarding information assets, we envision ourselves erecting defenses to keep threat actors at bay, or we emulate malicious actions to find flaws in the organization's security measures before attackers exploit the...
Copy Link: https://zeltser.com/shift-your-mindset-from-conflict-to-collaboration-to-succeed-in-security/   
Published: 2023 03 29 14:24:13
Received: 2024 01 18 02:03:02
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Untangling the Complexity of SaaS Ownership in the Enterprise - published about 1 year ago.
Content: Before SaaS, employees had to rely on IT and other teams to procure software, which gave the organization a direct way of controlling such purchases and deployments. Now, employees can sign up for SaaS applications without involving anyone in the company. All it takes is a few clicks and (sometimes) a credit card for people to start using such products. In ...
Copy Link: https://zeltser.com/untangling-saas-complexity/   
Published: 2023 04 27 21:36:16
Received: 2024 01 18 02:03:02
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: As a CISO, Are You a Builder, Fixer, or Scale Operator? - published almost 1 year ago.
Content: When contemplating the next step in your career as a cybersecurity leader, understand what you do best and what you enjoy doing. Figuring this out will help you identify organizations and projects that will benefit from your superpowers and accelerate your growth as a professional. As an added bonus, you’ll be more effective in communicating how you bring v...
Copy Link: https://zeltser.com/builder-fixer-scale-operator/   
Published: 2023 05 10 16:20:17
Received: 2024 01 18 02:03:02
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Let’s Address the Cybersecurity Careers Gap - published 12 months ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2024 01 18 02:03:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Three Ways CISOs Can Drive More Meaningful Collaboration - published 12 months ago.
Content: Today’s CISOs are more than technologists—we strive to make ourselves well-rounded business leaders. This involves aligning our efforts with business objectives and collaborating with colleagues who are not experts in IT or security. In fact, Gartner’s research found that top-performing CISOs regularly meet with three times as many non-IT stakeholders as th...
Copy Link: https://zeltser.com/cisos-and-collaboration/   
Published: 2023 05 16 01:41:38
Received: 2024 01 18 02:03:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Withholding Single Sign-On from SaaS Customers is Bad for Business and Security - published 12 months ago.
Content: Despite years of public shaming by security professionals, some SaaS vendors only offer Single Sign-On (SSO) in high-end "enterprise" product tiers. By withholding this capability from smaller organizations, they put customers' security at risk. Moreover, such vendors base a pricing strategy on a weak signal and miss an opportunity to lower their own securi...
Copy Link: https://zeltser.com/witholding-sso/   
Published: 2023 05 26 01:32:06
Received: 2024 01 18 02:03:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Security Leaders Can Lower Expenses While Reducing Risk - published 9 months ago.
Content: As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve an outcome that benefits the organization from cybersecurity as well as financial perspectives. Here’s how. Start by critically reviewing how you’ll spend t...
Copy Link: https://zeltser.com/lower-cybersecurity-expenses-reduce-risk/   
Published: 2023 08 23 11:14:00
Received: 2024 01 18 02:03:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: A Report Template for Incident Response - published 8 months ago.
Content: Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well. We created suc...
Copy Link: https://zeltser.com/incident-response-report-template/   
Published: 2023 09 13 14:39:17
Received: 2024 01 18 02:03:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How Security Can Better Support Software Engineering Teams - published 7 months ago.
Content: As the CISO at a tech company, my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the software de...
Copy Link: https://zeltser.com/securing-software-products/   
Published: 2023 10 05 18:53:35
Received: 2024 01 18 02:03:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Distribute Cybersecurity Tasks with Diffusion of Responsibility in Mind - published 6 months ago.
Content: The notion that security is everyone’s responsibility in computer systems dates back to at least the early 1980s when it was included in a US Navy training manual and hearings in the US House of Representatives. Behind the pithy slogan is the idea that every person in the organization contributes to its security program. Even if the company has employees wi...
Copy Link: https://zeltser.com/distribute-cybersecurity-tasks/   
Published: 2023 11 03 17:46:53
Received: 2024 01 18 02:03:01
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How Security Can Better Support Software Engineering Teams - published 7 months ago.
Content: As the CISO at a tech company, my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the software de...
Copy Link: https://zeltser.com/securing-software-products/   
Published: 2023 10 05 18:53:35
Received: 2023 11 03 18:04:39
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Distribute Cybersecurity Tasks with Diffusion of Responsibility in Mind - published 6 months ago.
Content: The notion that security is everyone’s responsibility in computer systems dates back to at least the early 1980s when it was included in a US Navy training manual and hearings in the US House of Representatives. Behind the pithy slogan is the idea that every person in the organization contributes to its security program. Even if the company has employees wi...
Copy Link: https://zeltser.com/distribute-cybersecurity-tasks/   
Published: 2023 11 03 17:46:53
Received: 2023 11 03 18:04:38
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How Security Can Better Support Software Engineering Teams - published 7 months ago.
Content: As the CISO at a tech company, my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the software de...
Copy Link: https://zeltser.com/securing-software-products/   
Published: 2023 10 05 18:53:35
Received: 2023 10 05 20:04:15
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: A Report Template for Incident Response - published 8 months ago.
Content: Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well. We created suc...
Copy Link: https://zeltser.com/incident-response-report-template/   
Published: 2023 09 13 14:39:17
Received: 2023 10 05 19:04:20
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How Security Can Better Support Software Engineering Teams - published 7 months ago.
Content: As the CISO at a tech company (Axonius), my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the s...
Copy Link: https://zeltser.com/securing-software-products/   
Published: 2023 10 05 18:53:35
Received: 2023 10 05 19:04:20
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Security Leaders Can Lower Expenses While Reducing Risk - published 9 months ago.
Content: As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve an outcome that benefits the organization from cybersecurity as well as financial perspectives. Here’s how. Start by critically reviewing how you’ll spend t...
Copy Link: https://zeltser.com/lower-cybersecurity-expenses-reduce-risk/   
Published: 2023 08 23 11:14:00
Received: 2023 09 13 14:43:44
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: A Report Template for Incident Response - published 8 months ago.
Content: Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well. We created suc...
Copy Link: https://zeltser.com/incident-response-report-template/   
Published: 2023 09 13 14:39:17
Received: 2023 09 13 14:43:44
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Let’s Address the Cybersecurity Careers Gap - published 12 months ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 09 06 15:43:59
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Withholding Single Sign-On from SaaS Customers is Bad for Business and Security - published 12 months ago.
Content: Despite years of public shaming by security professionals, some SaaS vendors only offer Single Sign-On (SSO) in high-end "enterprise" product tiers. By withholding this capability from smaller organizations, they put customers' security at risk. Moreover, such vendors base a pricing strategy on a weak signal and miss an opportunity to lower their own securi...
Copy Link: https://zeltser.com/witholding-sso/   
Published: 2023 05 26 01:32:06
Received: 2023 08 23 11:24:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Security Leaders Can Lower Expenses While Reducing Risk - published 9 months ago.
Content: As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve an outcome that benefits the organization from cybersecurity as well as financial perspectives. Here’s how. Start by critically reviewing how you’ll spend t...
Copy Link: https://zeltser.com/lower-cybersecurity-expenses-reduce-risk/   
Published: 2023 08 23 11:14:00
Received: 2023 08 23 11:24:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: REMnux Tools List for Malware Analysis - published over 3 years ago.
Content: REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro? To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which you...
Copy Link: https://zeltser.com/remnux-tools-list/   
Published: 2020 10 13 16:14:40
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published over 3 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Ask Questions to Succeed with Security Projects - published over 2 years ago.
Content: No matter the years of experience in cybersecurity, security professionals are often in situations where crucial details are missing. Yet, we often hesitate to ask questions because we don't want to appear ignorant or don't know what to ask. I captured my perspective on asking questions in a constructive way in a three-post series. Read the posts to lear...
Copy Link: https://zeltser.com/how-to-ask-questions-to-succeed-with-security-projects/   
Published: 2021 10 14 14:53:00
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Cybersecurity: No Longer the “Department of No” - published over 1 year ago.
Content: Cybersecurity leaders not only go against threat actors to defend the organization but also find themselves at odds with other business executives. How can we avoid fighting everyone? What does it take to ensure the security team doesn't become the department of "no"? We’re often in the position of having to deny people's requests. Our colleagues want t...
Copy Link: https://zeltser.com/cybersecurity-vs-everyone/   
Published: 2022 12 30 17:40:37
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Shift Your Mindset from Conflict to Collaboration to Succeed in Security - published about 1 year ago.
Content: In the two decades I've spent in cybersecurity, I've observed and experienced the fighting spirit of security professionals: When tasked with safeguarding information assets, we envision ourselves erecting defenses to keep threat actors at bay, or we emulate malicious actions to find flaws in the organization's security measures before attackers exploit the...
Copy Link: https://zeltser.com/shift-your-mindset-from-conflict-to-collaboration-to-succeed-in-security/   
Published: 2023 03 29 14:24:13
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Untangling the Complexity of SaaS Ownership in the Enterprise - published about 1 year ago.
Content: Before SaaS, employees had to rely on IT and other teams to procure software, which gave the organization a direct way of controlling such purchases and deployments. Now, employees can sign up for SaaS applications without involving anyone in the company. All it takes is a few clicks and (sometimes) a credit card for people to start using such products. In ...
Copy Link: https://zeltser.com/untangling-saas-complexity/   
Published: 2023 04 27 21:36:16
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: As a CISO, Are You a Builder, Fixer, or Scale Operator? - published almost 1 year ago.
Content: When contemplating the next step in your career as a cybersecurity leader, understand what you do best and what you enjoy doing. Figuring this out will help you identify organizations and projects that will benefit from your superpowers and accelerate your growth as a professional. As an added bonus, you’ll be more effective in communicating how you bring v...
Copy Link: https://zeltser.com/builder-fixer-scale-operator/   
Published: 2023 05 10 16:20:17
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Let’s Address the Cybersecurity Careers Gap - published 12 months ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Three Ways CISOs Can Drive More Meaningful Collaboration - published 12 months ago.
Content: Today’s CISOs are more than technologists—we strive to make ourselves well-rounded business leaders. This involves aligning our efforts with business objectives and collaborating with colleagues who are not experts in IT or security. In fact, Gartner’s research found that top-performing CISOs regularly meet with three times as many non-IT stakeholders as th...
Copy Link: https://zeltser.com/cisos-and-collaboration/   
Published: 2023 05 16 01:41:38
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Withholding Single Sign-On from SaaS Customers is Bad for Business and Security - published 12 months ago.
Content: Despite years of public shaming by security professionals, some SaaS vendors only offer Single Sign-On (SSO) in high-end "enterprise" product tiers. By withholding this capability from smaller organizations, they put customers' security at risk. Moreover, such vendors base a pricing strategy on a weak signal and miss an opportunity to lower their own securi...
Copy Link: https://zeltser.com/witholding-sso/   
Published: 2023 05 26 01:32:06
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Three Ways CISOs Can Drive More Meaningful Collaboration - published 12 months ago.
Content: Today’s CISOs are more than technologists—we strive to make ourselves well-rounded business leaders. This involves aligning our efforts with business objectives and collaborating with colleagues who are not experts in IT or security. In fact, Gartner’s research found that top-performing CISOs regularly meet with three times as many non-IT stakeholders as th...
Copy Link: https://zeltser.com/cisos-and-collaboration/   
Published: 2023 05 16 01:41:38
Received: 2023 05 16 01:44:30
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Let’s Address the Cybersecurity Careers Gap - published 12 months ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 05 13 14:44:20
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Address the Cybersecurity Careers Gap - published 12 months ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 05 13 01:04:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Tackle the Cybersecurity Careers Gap - published 12 months ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which I'd like to ...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 05 13 00:44:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: As a CISO, Are You a Builder, Fixer, or Scale Operator? - published almost 1 year ago.
Content: When contemplating the next step in your career as a cybersecurity leader, understand what you do best and what you enjoy doing. Figuring this out will help you identify organizations and projects that will benefit from your superpowers and accelerate your growth as a professional. As an added bonus, you’ll be more effective in communicating how you bring v...
Copy Link: https://zeltser.com/builder-fixer-scale-operator/   
Published: 2023 05 10 16:20:17
Received: 2023 05 10 16:24:17
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Untangling the Complexity of SaaS Ownership in the Enterprise - published about 1 year ago.
Content: Before SaaS, employees had to rely on IT and other teams to procure software, which gave the organization a direct way of controlling such purchases and deployments. Now, employees can sign up for SaaS applications without involving anyone in the company. All it takes is a few clicks and (sometimes) a credit card for people to start using such products. In ...
Copy Link: https://zeltser.com/untangling-saas-complexity/   
Published: 2023 04 27 21:36:16
Received: 2023 05 05 21:04:39
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Cybersecurity: No Longer the “Department of No” - published over 1 year ago.
Content: Cybersecurity leaders not only go against threat actors to defend the organization but also find themselves at odds with other business executives. How can we avoid fighting everyone? What does it take to ensure the security team doesn't become the department of "no"? We’re often in the position of having to deny people's requests. Our colleagues want t...
Copy Link: https://zeltser.com/cybersecurity-vs-everyone/   
Published: 2022 12 30 17:40:37
Received: 2023 04 18 15:24:13
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Set Up a SpiderFoot Server for OSINT Research - published about 4 years ago.
Content: SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool's author, offers a free, open source version of SpiderFoot. His team also provides an affordable...
Copy Link: https://zeltser.com/spiderfoot-server-setup/   
Published: 2020 04 17 01:10:28
Received: 2023 04 14 15:03:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Learning Malware Analysis and Cybersecurity Writing Online - published about 4 years ago.
Content: You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You'll like this if you prefer to start, stop, or speed up training any time they want or who need the flexib...
Copy Link: https://zeltser.com/malware-analysis-and-writing-online-training/   
Published: 2020 04 20 03:31:40
Received: 2023 04 14 15:03:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Unemployment Insurance Fraud and Identity Theft: Up Close and Personal - published almost 4 years ago.
Content: In June 2020, the Federal Trade Commission (FTC) warned that "imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims." How do such scams look from the victim's perspective, and what can you do if you're affected? As a victim of this scheme, I'd like to share my experien...
Copy Link: https://zeltser.com/unemployment-fraud-and-identity-theft/   
Published: 2020 07 02 03:24:04
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Version 7 of the REMnux Distro Is Now Available - published almost 4 years ago.
Content: 10 years after the initial release of REMnux, I'm thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. To start using REMnux v7, you can: Download REMnux as a virtual applianc...
Copy Link: https://zeltser.com/remnux-v7-release/   
Published: 2020 07 22 13:51:50
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published over 3 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Ask Questions to Succeed with Security Projects - published over 2 years ago.
Content: No matter the years of experience in cybersecurity, security professionals are often in situations where crucial details are missing. Yet, we often hesitate to ask questions because we don't want to appear ignorant or don't know what to ask. I captured my perspective on asking questions in a constructive way in a three-post series. Read the posts to lear...
Copy Link: https://zeltser.com/how-to-ask-questions-to-succeed-with-security-projects/   
Published: 2021 10 14 14:53:00
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Shift Your Mindset from Conflict to Collaboration to Succeed in Security - published about 1 year ago.
Content: In the two decades I've spent in cybersecurity, I've observed and experienced the fighting spirit of security professionals: When tasked with safeguarding information assets, we envision ourselves erecting defenses to keep threat actors at bay, or we emulate malicious actions to find flaws in the organization's security measures before attackers exploit the...
Copy Link: https://zeltser.com/shift-your-mindset-from-conflict-to-collaboration-to-succeed-in-security/   
Published: 2023 03 29 14:24:13
Received: 2023 04 14 15:03:22
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Cybersecurity vs. Everyone - published over 1 year ago.
Content: Cybersecurity leaders not only go against threat actors to defend the organization but also find themselves at odds with other business executives. How can we avoid fighting everyone? What does it take to ensure the security team doesn't become the department of "no"? In the following conversation with Chris Cochran and Ron Eddings at Hacker Valley, I di...
Copy Link: https://zeltser.com/cybersecurity-vs-everyone/   
Published: 2022 12 30 17:40:37
Received: 2022 12 30 17:42:57
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Top 10 Cybersecurity Writing Mistakes - published over 4 years ago.
Content: Want to strengthen your writing in under an hour? Watch the video I recorded to help you avoid the top 10 writing mistakes I've encountered when working as a cybersecurity professional. The mistakes you'll see in this video—and the practical tips for avoiding them—span the key aspects of technical writing: structure, look, words, tone, and informat...
Copy Link: https://zeltser.com/cybersecurity-writing-mistakes/   
Published: 2019 10 05 01:00:36
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: What’s It Like for a New CISO? - published about 4 years ago.
Content: As of this writing, I've spent six months in the role of Chief Information Security Officer (CISO) at Axonius, a rapidly growing technology company. Though I've held a variety of leadership positions over the years, working in this capacity and setting is new for me. I've been capturing aspects of my journey in talks and articles so that others might learn ...
Copy Link: https://zeltser.com/new-ciso-impressions/   
Published: 2020 02 13 16:38:59
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Set Up a SpiderFoot Server for OSINT Research - published about 4 years ago.
Content: SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool's author, offers a free, open source version of SpiderFoot. His team also provides an affordable...
Copy Link: https://zeltser.com/spiderfoot-server-setup/   
Published: 2020 04 17 01:10:28
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Learning Malware Analysis and Cybersecurity Writing Online - published about 4 years ago.
Content: You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You'll like this if you prefer to start, stop, or speed up training any time they want or who need the flexib...
Copy Link: https://zeltser.com/malware-analysis-and-writing-online-training/   
Published: 2020 04 20 03:31:40
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Write Better Threat Reports - published almost 4 years ago.
Content: Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences? I'm happy to share what I've learned over the years abo...
Copy Link: https://zeltser.com/write-better-threat-reports/   
Published: 2020 07 01 13:42:51
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Unemployment Insurance Fraud and Identity Theft: Up Close and Personal - published almost 4 years ago.
Content: In June 2020, the Federal Trade Commission (FTC) warned that "imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims." How do such scams look from the victim's perspective, and what can you do if you're affected? As a victim of this scheme, I'd like to share my experien...
Copy Link: https://zeltser.com/unemployment-fraud-and-identity-theft/   
Published: 2020 07 02 03:24:04
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Version 7 of the REMnux Distro Is Now Available - published almost 4 years ago.
Content: 10 years after the initial release of REMnux, I'm thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. To start using REMnux v7, you can: Download REMnux as a virtual applianc...
Copy Link: https://zeltser.com/remnux-v7-release/   
Published: 2020 07 22 13:51:50
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: REMnux Tools List for Malware Analysis - published over 3 years ago.
Content: REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro? To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which you...
Copy Link: https://zeltser.com/remnux-tools-list/   
Published: 2020 10 13 16:14:40
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published over 3 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Ask Questions to Succeed with Security Projects - published over 2 years ago.
Content: No matter the years of experience in cybersecurity, security professionals are often in situations where crucial details are missing. Yet, we often hesitate to ask questions because we don't want to appear ignorant or don't know what to ask. I captured my perspective on asking questions in a constructive way in a three-post series. Read the posts to lear...
Copy Link: https://zeltser.com/how-to-ask-questions-to-succeed-with-security-projects/   
Published: 2021 10 14 14:53:00
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: The State of Malware Analysis: Advice from the Trenches - published over 4 years ago.
Content: What malware analysis approaches work well? Which don't? How are the tools and methodologies evolving? The following discussion--captured as an MP3 audio file--offers friendly advice from 5 malware analysts. These are some of the practitioners who teach the reverse-engineering malware course (FOR610) at SANS Institute: Jim Clausing: Security Architect at...
Copy Link: https://zeltser.com/state-of-malware-analysis/   
Published: 2019 09 26 13:45:48
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Top 10 Cybersecurity Writing Mistakes - published over 4 years ago.
Content: Want to strengthen your writing in under an hour? Watch the video I recorded to help you avoid the top 10 writing mistakes I've encountered when working as a cybersecurity professional. The mistakes you'll see in this video—and the practical tips for avoiding them—span the key aspects of technical writing: structure, look, words, tone, and informat...
Copy Link: https://zeltser.com/cybersecurity-writing-mistakes/   
Published: 2019 10 05 01:00:36
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: What’s It Like for a New CISO? - published about 4 years ago.
Content: As of this writing, I've spent six months in the role of Chief Information Security Officer (CISO) at Axonius, a rapidly growing technology company. Though I've held a variety of leadership positions over the years, working in this capacity and setting is new for me. I've been capturing aspects of my journey in talks and articles so that others might learn ...
Copy Link: https://zeltser.com/new-ciso-impressions/   
Published: 2020 02 13 16:38:59
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Set Up a SpiderFoot Server for OSINT Research - published about 4 years ago.
Content: SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool's author, offers a free, open source version of SpiderFoot. His team also provides an affordable...
Copy Link: https://zeltser.com/spiderfoot-server-setup/   
Published: 2020 04 17 01:10:28
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Learning Malware Analysis and Cybersecurity Writing Online - published about 4 years ago.
Content: You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You'll like this if you prefer to start, stop, or speed up training any time they want or who need the flexib...
Copy Link: https://zeltser.com/malware-analysis-and-writing-online-training/   
Published: 2020 04 20 03:31:40
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Write Better Threat Reports - published almost 4 years ago.
Content: Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences? I'm happy to share what I've learned over the years abo...
Copy Link: https://zeltser.com/write-better-threat-reports/   
Published: 2020 07 01 13:42:51
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Unemployment Insurance Fraud and Identity Theft: Up Close and Personal - published almost 4 years ago.
Content: In June 2020, the Federal Trade Commission (FTC) warned that "imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims." How do such scams look from the victim's perspective, and what can you do if you're affected? As a victim of this scheme, I'd like to share my experien...
Copy Link: https://zeltser.com/unemployment-fraud-and-identity-theft/   
Published: 2020 07 02 03:24:04
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Version 7 of the REMnux Distro Is Now Available - published almost 4 years ago.
Content: 10 years after the initial release of REMnux, I'm thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. To start using REMnux v7, you can: Download REMnux as a virtual applianc...
Copy Link: https://zeltser.com/remnux-v7-release/   
Published: 2020 07 22 13:51:50
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: REMnux Tools List for Malware Analysis - published over 3 years ago.
Content: REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro? To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which you...
Copy Link: https://zeltser.com/remnux-tools-list/   
Published: 2020 10 13 16:14:40
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published over 3 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security