VULNERABILITIES: The State of Application Penetration Testing. Data from real-world pen tests shows configuration errors and cross-site scripting are the most commonly found vulnerabilities. Read more
LEGAL: The Good, the Bad and the Agreement. Although conducting pen testing is prudent and becoming common, it is also fraught with potential pitfalls. When embarking on such a project, a company should fully understand its scope and include certain contractual protections with the pen tester. Read more
FEDERAL GOVERNMENT: What the Trump Administration Can Do to Boost Software and IoT Security. Last May, President Trump ordered his administration to come up with a plan for securing the U.S. government and the nation’s infrastructure from cyberattacks that threaten the country’s economy and national security. The Department of Homeland Security and Department of Commerce have put together a draft report, outlining the administration’s goals and key recommendations. The report is now available for public comment, with the government seeking feedback from the security industry, along with other stakeholders in industry, academia, and the public sector, as it prepares to deliver a final report the President in May 2018. Among the highlights of this report is the importance of reducing vulnerabilities in software and Internet of Things (IoT) devices. Read more.
CLOUD: Critical Vulnerability Reports Grew 64% in 2017. The launch and growth of new operating systems is mirrored by an increase in reported vulnerabilities. Read more.
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems February 2018 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-february-2018.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.