About the Author:

Jonathan Lampe, CISSP has led the development of award-winning security software and supporting services for Standard Networks, Ipswitch, and SolarWinds. He holds computer science and business degrees from Northern Illinois University and the University of Wisconsin, and currently holds SANS GSNA and CCSK certifications in addition to his (ISC)2 credentials. When not coding, hacking, or writing, Lampe likes to spend time with his family in the beautiful Wisconsin outdoors.
Three Security Practices That IoT Will Disrupt

I made it back from DEFCON with both my phone and tablet intact, but I’m happy I didn’t bring a light bulb. You see, if I had brought a light […]

Top 5 Email Retention Policy Best Practices

Email retention policies are no longer just about conserving space on your Exchange server. Today you must take into account how your email retention controls increase or decrease risk […]

CompTIA Security+ SY0-401 vs. SY0-301 Changes

A new version of the popular CompTIA Security+ certification is out, and the content it covers has expanded significantly over the past three years. The six domains the exam […]

How to Perform a Safe Password Analysis

It’s one of the most exciting moments in a security researcher’s work: while looking through an obscure log file, you see strings like “James1984” and “SecureMe!” scattered throughout the […]

CISSP Drag & Drop and Hotspot Questions: 5 More Examples

In my last article, I covered five questions similar to those on the official CISSP Exam. The new CISSP exam format was introduced in 2014 with “drag-and-drop” and “hotspot” […]

CISSP Drag & Drop and Hotspot Questions: 5 Examples

So you’re thinking of earning your CISSP. Wouldn’t you like to see some sample questions from the legendary CISSP test? There has been a lot written about sample CISSP […]

Beyond Password Length and Complexity

(or “Why PCI-DSS-Compliant Passwords Aren’t Enough” or “PCI-DSS-Compliant Password Analysis Reveals One-Quarter Still Trivially Compromisable”)

Thanks to PCI-DSS requirements and other security standards that specify a minimum length and strength […]

OWASP Top Ten Testing and Tools for 2013

In 2013 OWASP completed its most recent regular three-year revision of the OWASP Top 10 Web Application Security Risks. The Top Ten list has been an important contributor to […]

OWASP’s 2013 Web Vulnerabilities List Will Shuffle the Top Ten

The OWASP Top 10 list publicizes the most critical web application security flaws as determined by Open Web Application Security Project (OWASP), a nonprofit, vendor-independent IT security organization formed […]

Cracked Web Applications Leak Credentials and Data

If you’ve been paying attention to vulnerabilities in web applications, you’ve certainly heard of attacks involving SQL injections, cross-site scripting, and poor session management. Thanks to the efforts of […]