Posted By News | November 9th, 2010
Prolific Solutions CTO, Nick Popovich, learned yesterday that he passed his OSCP certification. The OSCP certification is not for the faint-of-heart; it’s not a 4-hour multiple choice exam. The exam itself consists of a 24-hour window to compromise 5 machines. It’s a certification that really demonstrates the technical prowess and skill set of Nick in … Continue reading
Tags: certification, OSCP, penetration testing
Filed In: News & Events, Press Releases
Posted By Nick | November 2nd, 2010
It has been quite a few weeks since my last blog post. I have been very busy with the PWB course from offensive security, as well as the daily grind to put food on the table. But, that’s no excuse! Hard core *nix enthusiasts will no doubt say “duh” to the knowledge I’m attempting to … Continue reading
Tags: account creation, Backtrack, guid, Information Security, Linux, non interactive, OCSP, pen test, penetration testing, pw, PWB, Root, root user, second root user, Security, uid, useradd
Filed In: IT Infrastructure Security, Security Testing
Posted By Chris | October 8th, 2010
http://meritalk.com/blog.php?user=SteveOKeeffe&blogentry_id=2458 Asks some interesting questions. I put my two cents at the bottom. Continue reading
Tags: Compliance, FISMA
Filed In: Compliance
Posted By News | September 3rd, 2010
Prolific Solutions today announced that proGD, software designed to facilitate vulnerability scanning with a DISA scanning tool, has been awarded the Certificate of Networthiness (CoN) and a Computer Hardware, Enterprise Software and Solutions (CHESS) waiver from the U.S. Army Network Enterprise Technology Command. This certification demonstrates that proGD meets strict U.S. Army and Department of … Continue reading
Tags: Army Enterprise Infrastructure Network, Certificate of Networthiness, CoN, DISA, DoD, Gold Disk, IASE, Information Assurance, proGD, US ARMY
Filed In: IT Infrastructure Security, News & Events, Press Releases, Software and Automation
Posted By Chris | August 23rd, 2010
Management style is an area of operations that has more impact on an organization’s security posture than most would assume. There are a lot of policy level decisions with legal ramifications that management is faced with on a daily basis as part of their overarching responsibilities. Driving standards and approved operating procedure from the management level can exude some fantastic benefits if approached in a suitable manner. Creating and adhering to well-developed processes takes a lot of the guess work out of daily activities of employees, and moreover, provides a solid foundation to ensure that all requirements are being met and that all employees know the rules of the game. Continue reading
Tags: Information Assurance, Information Security, Management, philosophy, Security, security training
Filed In: Business Practices, Management Practices
Posted By Chris | August 18th, 2010
As part of the IATAC SME (Subject Matter Expert) Program, we are occasionally forwarded questions and asked for our input. The most recent request for information was interesting, so I thought I’d share my response here. Due to Federal Information Security Management Act (FISMA) Certification and Accreditation (C&A) requirements, the government and military operate using … Continue reading
Tags: Approved IA Products List, Approved Product List, C&A, CoN, DIACAP, IATAC, SME
Filed In: Business Practices, IATAC SME Program, IT Infrastructure Security, Software and Automation
Posted By Chris | August 17th, 2010
“The new malicious program penetrates smartphones running Android in the guise of a harmless media player application. Users are prompted to install a file of just over 13 KB with the standard Android extension *.APK. Once installed on the phone, the Trojan uses the system to begin sending SMSs to premium rate numbers without the … Continue reading
Tags: Android, malware, mobile, Trojan-SMS
Filed In: Malware, Mobile
Posted By News | August 16th, 2010
Proso CEO, Chris Merritt, to have another article published in the IATAC Newsletter in their Fall 2010 issue. This free quarterly publication features timely articles from the IA community. These articles are solicited from such organizations as OSD/Joint Staff, the Combatant Commands, Services, Systems Commands, Government R&D Labs and Academia. Each issue also features regular … Continue reading
Tags: IATAC, News, Published Works
Filed In: News & Events, Press Releases