blog.stratumsecurity.com
Stratum Security BlogAppSec, Research, Sarcasm
http://blog.stratumsecurity.com/
AppSec, Research, Sarcasm
http://blog.stratumsecurity.com/
TODAY'S RATING
>1,000,000
Date Range
HIGHEST TRAFFIC ON
Monday
LOAD TIME
3.6 seconds
16x16
32x32
64x64
PAGES IN
THIS WEBSITE
9
SSL
EXTERNAL LINKS
10
SITE IP
54.192.127.136
LOAD TIME
3.625 sec
SCORE
6.2
Stratum Security Blog | blog.stratumsecurity.com Reviews
https://blog.stratumsecurity.com
AppSec, Research, Sarcasm
blog.stratumsecurity.com
Stratum Security Blog - Page 2
https://blog.stratumsecurity.com/page/2
AppSec, Research, Sarcasm. Page 2 of 2. Journey into WebSockets Authentication/Authorization. One subject that is often mentioned in talks about WebSockets security, is how WebSockets does not implement authentication/authorization in the protocol. This might not be ». Webinar wrap up: Safeguarding your network from Data Exfiltration attacks. Read a recent news article about a data breach and it will likely mention data exfiltration. It’s usually the last event of a string of ». Page 2 of 2.
Joining Hands and Singing Merrily Part 1
https://blog.stratumsecurity.com/2016/08/16/joining-hands-and-singing-merrily-part-1-3
Joining Hands and Singing Merrily Part 1. XFIL - A Case Study. For our exploration, we are going to use Stratum Security's XFIL project, of which I am the lead developer, as a case study to see what a security-focused development process looks like in the real world. There is already an abundance of excellent material on the subject, but I believe our experience can bring context into the everyday of software development. Agent Identities and Data Integrity. Dealing With Insecure Protocols. A big part of...
Joining Hands and Singing Merrily Part 2
https://blog.stratumsecurity.com/2016/08/22/joining-hands-and-singing-merrily-part-2-2
Joining Hands and Singing Merrily Part 2. In the last post of this series. Choosing which programming language to use is an important and sometimes difficult decision to make. Your choice of language brings with it a domain of risks that you have to be prepared to deal with. In Stratum's case, we have a wide assortment of needs in different domains, and we have chosen a few different languages to cover them. Google's Go programming language. It is an incredibly simple language by design, so it's easy for...
Joining Hands and Singing Merrily Part 3
https://blog.stratumsecurity.com/2016/08/24/joining-hands-and-singing-merrily-part-3
Joining Hands and Singing Merrily Part 3. In my last post. Let's go ahead now and dive into one of the major categories of security-related functionality that is critical to most applications, and certainly to a couple of significant parts of XFIL as well. Authentication is all about establishing identity. In XFIL, there are two external parties, i.e. not XFIL services, that we need to be able to identify: human users, and our agent software. Allowing users to supply arbitrarily long (maybe up to a.
Joining Hands and Singing Merrily Part 4
https://blog.stratumsecurity.com/2016/09/06/joining-hands-and-singing-merrily-part-4
Joining Hands and Singing Merrily Part 4. We also presented our solution to authenticating agent software, which uses a challenge-response protocol taking advantage of asymmetric cryptography. In this post, we're going to look at the problem of authorization, and some of the challenges of addressing it in a microservice-based architecture. A process of determining the authenticity of a claim, e.g. that a user is who they claim to be. And prove this claim by including the secret password P. Consider the c...
TOTAL PAGES IN THIS WEBSITE
9
Services | Stratum Security
http://stratumsecurity.com/services
Stratum Security provides high quality information security assessment services that provide the customer with clear and concise risk information. Each of Stratum’s offerings assesses the security posture of key technology layers within an organization’s environment. Each engagement is delivered by a team of experienced security professionals that leverage cutting edge technology and a proven methodology. XFIL – Data Exfiltration Tool. Has your organization’s investment in security had an impact? Penetra...
Company | Stratum Security
http://stratumsecurity.com/company
Stratum Security is an information security consulting company headquartered in the Washington DC Metro area. Founded in 2005, we provide services to clients world wide. Our list of clients include large multi-national enterprises to small start-ups in numerous industries including finance, insurance, retail, hospitality, health care, government, technology, energy, and telecommunications. Nate Miller, CISSP, Co-Founder and Managing Principal. Jeff LoSapio, Managing Partner. I just published a new .
Web Application Security | Stratum Security
http://stratumsecurity.com/services/web-application-security
The demands of the marketplace are pushing business-critical applications and processes to the edge of the network perimeter where they are exposed to the Internet, business partners, and customers via web based applications. The organization demands assurance that the applications provide secure and continuous service. Once the applications have been identified and assigned a criticality rating, Stratum develops abuse cases that are used as a guide when performing the security assessment. Using thes...
XFIL | Stratum Security
http://stratumsecurity.com/xfil
Every time you read about a major data breach, the company was losing data for several months or years before they knew about it. Even after a full forensics review, it’s often unknown exactly how long the network had been compromised. Why does this keep happening? Because organizations do not sufficiently test their egress controls. How well protected are you from the internal network back out to the Internet? Can your current security controls detect data being siphoned out of your network? One of the ...
Getting More From Nikto – Part 1 | Stratum Security
http://stratumsecurity.com/2012/09/21/nikto-part-1
Getting More From Nikto – Part 1. Nikto, the well known web vulnerability scanner, derives its name from the movie “The Day The Earth Stood Still”. I found that piece of trivia here. I wanted to write a series of posts about improving Nikto usage for web application and network assessments, as its use is commonplace. If you are completely unfamiliar with Nikto, review the home page. For tips on basic usage. Throughout these posts, I will use Backtrack. Easy to do, easy to forget. Updated to revision 850.
New Infographic: What the 2013 Verizon Data Breach Report tells us about phishing
http://stratumsecurity.com/2013/04/27/infographic-2013-verizon-data-breach-report-tells-phishing
New Infographic: What the 2013 Verizon Data Breach Report tells us about phishing. I just published a new blog post on our ThreatSim blog “ What the 2013 Verizon Data Breach Report tells us about phishing. 8220; We put together an infographic that lays out some of the highlights from the report. Courtesy of: ThreatSim: Proactive Phishing Defense. Leave a Reply Cancel reply. Stratum Security Home Page. Herndon, VA 20170. Have Stratum Contact Me.
Security Program Development | Stratum Security
http://stratumsecurity.com/services/security-program-development
Modern businesses can no longer ignore the need for information security. Some organizations do not require a full time CISO or security manager but need an on-demand resource for security guidance and support. Stratum Security has helped small to medium business tackle security challenges from the data center to the boardroom. Our consultants can assist you in everything from staff augmentation, secure software development, and security program development. XFIL – Data Exfiltration Tool.
13 Practical and Tactical Cloud Security Controls in EC2
http://stratumsecurity.com/2012/12/03/practical-tactical-cloud-security-ec2
13 Practical and Tactical Cloud Security Controls in EC2. If you are hosted on a cloud platform, you may share certain hardware components with other customers (e.g. the hypervisor). You need to understand what you can protect, where you lose visibility, and where you need/can apply extra security sauce. Let me preface these recommendations with the following caveats:. This will be focused on EC2, and Infrastructure as a Service (IaaS) provider. 1 Use a Virtual Private Cloud (VPC). You don’t need t...
Stratum Security
https://stratumsecurity.com/blog
Webinar wrap up: “Safeguarding your network from Data Exfiltration attacks”. Read a recent news article about a data breach and it will likely mention data exfiltration. It’s usually the last event of a string of seemingly preventable mishaps that result in a lot of people getting free credit reporting (or, as of late, uncomfortable conversations with your spouse). The exfiltration bit can usually be found right before a I-told-you-so quote from a vendor:. We can help, please Google us. Last week our CTO...
TOTAL LINKS TO THIS WEBSITE
10
Блог Стратоплана - Школа менеджеров говорит и показывает
Школа менеджеров говорит и показывает. Как попасть в ловушку для умных. Программа поддержки выпускников П21-БТ. Извините, это не вам. Как навести мосты в соседние команды, или немного о нетворкинге. 3 идеи, как улучшить отношения с неприятными людьми. Программа 21: управление проектами. База знаний: инструкция по созданию и применению. Что изменилось в управлении проектами за год? Интервью с Иваном Селиховкиным. Школа 2.0: взгляд изнутри. Как попасть в ловушку для умных. Извините, это не вам.
Blog - STRATTON MOUNTAIN BLOG
The Official Blog of. March 12, 2018. New Snow Bowl Lift, Mountain Bike Trails on the Way. Today’s news was met with a round of applause heard across the mountain. Capital projects totaling $10…. February 23, 2018. BMW Winter XDrive Experience with Ricky Buhr and Pro NASCAR driver James Bickford. Last Saturday morning I was walking through the village about to get my daily bacon, egg, and…. January 26, 2018. Stratton’s New Snowcat Ride With Dinner. January 11, 2018. What’s going on Stratton Mountain!
G Bruce Stratton Architects
Friday, 13 September 2013. GBSA wins Award of Excellence at TUDA 2013. G Bruce Stratton Architects wins Award of Excellence in 'Public Buildings in Context' category for Mount Dennis Library Renovation (TPL) at the 2013 Toronto Urban Design Awards. September 11, 2013. Palais Royale - Toronto. Of the 125 submissions made by firms. Throughout the City of Toronto. Award Acceptance by Bruce Stratton (GBSA) and Anne Bailey (TPL). Its place as an important community landmark for the area.". Labels: 2013 Toront...
default.secureserver.net
NEW STRATUM INSURANCE BLOG LINK. Posted on December 8, 2012. Bull; 0 Comments. Please use our new Stratum Insurance Blog Link. Posted on May 13, 2015. Bull; 0 Comments. Remember that our block is now located here: https:/ stratuminsurance.com/blog/ Click below to go there now. Posted on January 1, 2013. Bull; 0 Comments. Welcome to 2013 and happy new year to all. Big things are coming to small business from the Stratum teams! Stay tuned… — Stratum Insurance Agency LLC. Posted on December 4, 2012. Alaska ...
Stratumn Blog
Page 1 of 1. Identity as a Process - Part II. This is part of a series on Identity. Part I is here. While identity is modeled as a noun in the old paradigm, in the new paradigm it is modeled as an active ». Identity as a Process - Part I. We can begin to consider a new paradigm for identity by thinking in terms of chains of processes. If a process can be digitally modeled as a chain then each step of the ». Breaking out of Distributed Ledgers. From Security to Trust. The Wright Brothers' solution to the ...
Stratum Security Blog
AppSec, Research, Sarcasm. Page 1 of 2. Older Posts →. Joining Hands and Singing Merrily Part 5. Welcome to the last of Stratum Security's series of blog posts about the XFIL team's secure software development process. If you have made it here, hopefully ». Joining Hands and Singing Merrily Part 4. The last post I wrote in this series focused on the problem of authentication and the two places where we need a solid solution for it ». Joining Hands and Singing Merrily Part 3. Page 1 of 2.
Stratus | The World in Layers
The World in Layers. Skip to primary content. Skip to secondary content. Creating Flash Video from WMV files using Mencoder. PHP: List URLs by Day. PHP: Met Office Weather Upload (WOW). PHP: Ultimeter 800 Weather Station (CWOP). PHP: Weather script from APRS reports. PHP: Webcam – Add a Title and Date/Time. Simple batch GIF Animation for Weather Forecast. Difference Bearing Calculator in PHP. Here’s the code that has now been proven to work. The function can be tested by using this simple PHP script:.
LED Технологии
Блог за LED технологиите. Мар 2, 2013. LED дисплеи (светодиодни екрани). При покупка и монтаж на LED дисплеи. Желаете да имате огромна рекламна площ, на която може да промотирате своите продукти или такива на трети лица срещу заплащане? Къде могат да се използват светодиодни екрани и същевременно да се извлече най-вече максимална полза от тях? Къде още LED екрани могат да бъдат използвани в сгради и на открито? На какви фактори трябва да обърнем внимание пред да закупим LED дисплеи? Мар 2, 2013. Изобрета...
StratusLIVE-Home Page
Maximize fundraising results with Nonprofit Business Intelligence from StratusLIVE. Success depends on people. Improve teamwork, share information, and increase fundraising with StratusLIVE. Reach the right audience, at the right time, with the right message. Nonprofits like National Wildlife Federation, Humane Society of the US, and United Ways across the country are Upgrading to StratusLIVE. Anywhere Anytime Real Time. Build relationships and engage your. 6465 College Park Square, Suite 400.
Straub Photography | Evansville, IN | Posts
2015 Senior Specials are Here! Published April 23rd, 2015 by Kristina Arwood. Published February 10th, 2015 by Kristina Arwood. A new year means new happenings and new specials at Straub Photography! Stay current with Straub Photography by liking our Facebook page. Check back in the next couple of weeks to see some changes to our blog and site. Be on the look out for upcoming specials! Published May 2nd, 2012 by Kristina Arwood. Don't forget we offer our senior session fees at 50%. Two styles are availab...
Strauss blog - Food for thought | Strauss group
Press Enter to skip to next section. Is James Damore right? How sweet is my tooth? Technological knowledge as an asset. Four children’s breakfasts for four kinds of mornings. Between revival and security, between agriculture and thirst. Four children’s breakfasts for four kinds of mornings. Gluten Sensitivity: Smart Nutrition for Kids. Mom, am I allowed? The question no one asks me any more. Why is it Important to Drink Water in Winter as Well? Moving the Clock and the Body:Tips for Winter Nutrition.
SOCIAL ENGAGEMENT