PENETRATION TESTING
THREATS: Hacking The Penetration Test. It’s not a good sign when an organization undergoing a penetration test can’t detect the operation probing and infiltrating its systems and network. In a new report by Rapid7 that pulls back the covers on penetration test engagements the company has executed, two thirds of these engagements weren’t discovered at all by the organization being tested. That’s especially concerning because pen tests tend to be short-term, rapid-fire – and sometimes loud – operations, unlike the low-and-slow attacks by seasoned cyberattackers. Find out more
[DARKREADING.COM]
HOW TO: Use Zarp for Penetration Testing. Network or systems administrators must conduct pen testing to discover any possible security weaknesses. Find out why Zarp is a very powerful pen-testing tool to have at your disposal. Find out more
[TECHREPUBLIC.COM]
WHY: Penetration Testing is a Vital Part of Any Effective Security Strategy. Cyber security strategies that focus solely on prevention will no longer cut it in the era of daily, continually changing attacks on infrastructure. Find out more
[INFORMATION-AGE.COM]
CIA: New CIA Director Inherits an Agency that is Quickly Developing Cyber Capabilities. Pompeo, formerly a House member from Kansas, steps into Langley with the benefit of a DDI that has been working for more than a year to broadly modernize the premier U.S. intelligence agency – an effort that includes the adoption of cloud data-storage technologies and secure dev-ops coding projects, as well as “digital collaboration environments and mobility through wireless.” Find out more
[FEDSCOOP.COM]
==========
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems January 2017 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-january-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
==========