Web server security: Web server hardening
A web server is not just any other device that you employ in your network environment. Unlike other devices sitting behind layers of defenses and firewalls,...
Patrick Mallory
Patrick’s background includes Strategy and Cyber Risk Services consulting experience with Deloitte Consulting with both States and large Federal transportation and security agencies. He also served 3 years as a Deputy CIO for the City of Raleigh, where he assisted with the implementation of security policies, tools, and employee education initiatives as well as PCI, CJIS, and HIPAA compliance. He currently supports the IT infrastructure for the U.S. State Department.
Patrick also holds CISSP, CISM, and Security+ certifications as well as a PMP. He holds an MS in Information Technology – Cybersecurity and MS Public Policy from Carnegie Mellon University, where he assisted with graduate level teaching in the information security program.
Page 3
Getting Started with Web Server Security
The role that the internet plays in people’s lives and business operations has only continued to increase as advancements in web services, web-based applications...
Ethical hacking: wireless hacking with Kismet
To continue our ethical hacking series, we are now going to dive deeper into the process of wardriving, wireless hacking and the roles that the Linux tool...
NIST CSF: Risk Management Framework
In February 2014, the National Institute of Standards and Technology (NIST) published its “Framework for Improving Critical Infrastructure Cybersecurity,”...
The National Institute of Standards and Technology Cybersecurity Framework (NIST NSF): Overview
You can’t examine any newspaper, business magazine or cable news coverage without seeing the impact that high-profile data breaches and cyberattacks are...
Network traffic analysis for IR: Data collection and monitoring
Data collection and analysis for use by network engineers, security professionals and incident response has only exploded over the years with the growth of...
Network traffic analysis for IR: Alternatives to Wireshark
It is almost impossible to leave a conversation with a cybersecurity professional, take an introductory networking class, or break into ethical hacking without...
Network traffic analysis for IR: Data analysis for incident response
While no incident is the same, security professionals have come to rely on pre-established procedures and best practices to help contain a security breach...
Network traffic analysis for IR: Threat intelligence collection and analysis
While any security professional can call themselves an analyst, the full scale and scope of the cyber-threat intelligence analyst is often underestimated....
Network traffic analysis for incident response
Sophisticated cybercriminals understand the techniques and tools that they need to employ to move undetected throughout a victim network until they are able...