Carol Mangus

Recent Posts By Carol Mangus

Making Users Hack Themselves - The XSS Bottom Line

In Cross-Site Scripting (XSS) the 2 most common types of this vulnerability are: Persisted and Reflected. No business ...

Putting the “SERVICE” into Security Services – 3 Myths Busted

Target is hacked, Anthem is hacked, Sony is hacked and so on and so on and so on... Yet security is still a harder sell ...

Prep Work – A Recipe for Success

In many of the posts I’ve written, I discuss that AsTech does many types of security assessments.  Typically, they are ...

House Hunters — Log Home Edition

Ding dong — cue the cheesy music. It’s house hunters: “log” home edition! So, you are looking for a home for your logs. ...

Password Managers & Autosave=Off — The Bottom Line

The past 2 informative blog posts from Alec Shcherbakov and Phil Seay dealt with the use of Password Managers and the ...

Off Target – Fines as a Deterrent

Breaking news: Target agrees to pay 18.5 million dollars to settle suits by 47 states in connection with their 2013 ...

Patchwork

In a never-ending series of public service announcements (or so it seems), I would hereby like to broadcast the ...

Patterns of Predictability – The Joy of Heuristic Analysis

Many of the clients that AsTech works with are collecting logs from various devices, databases, etc. A good first step. ...

Sunrise or Sunset? Where Does Your Business Stand?

AsTech does many Security Best Practices Assessments. Understandable, it’s our business to do them. As a natural part ...

Security and Risk – A Business Primer Part II

After going through the steps outlined in Part I, now you have an updated plan and you know where you need to go. So ...

Security and Risk - A Business Primer Part I

If I had a dollar for every time I went into a business on a security engagement and found it to be either inadequately ...

SOLD – To the Highest Bidder

With a stroke of the pen, your rights to broadband privacy were wiped out completely on April 25, 2017. The president ...

New York, New York, A Helluva Town (and State) – Part III

In parts I and II of the series on New York state’s new banking security regulations, we explored the requirements due ...

Top 5 Reasons Web Applications Still Have Those Pesky Security

I’ll admit I really love this blog. Steve Wolf tells us eloquently why 15 year old vulnerabilities are still out there ...

New York, New York, A Helluva Town (and State) – Part II

In part I of the series on New York state’s new banking security regulations, which went into effect on March 1, 2017, ...
