Homepage
Open in app
Sign in
Get started
2024
2023
2022
2021
Support
Archive 2022
Do you really know the environment you need to protect?
Do you really know the environment you need to protect?
A key requirement for any security professional is to know the environment. Depending upon the job role the level of detail may vary.
Richard de Vries
Jan 4, 2022
Vulnerabilities — Can you survive this data avalanche?
Vulnerabilities — Can you survive this data avalanche?
At the moment of writing this blog, there are 167.039 CVE registered. And from 167.039 registered CVEs, 11% is rated as critical.
Richard de Vries
Jan 8, 2022
Help, I need to develop a detection use case.
Help, I need to develop a detection use case.
There is no need to panic if you follow a structured approach. Otherwise, run Forrest, run.
Richard de Vries
Jan 11, 2022
Have you added an incident log writer to your incident response team?
Have you added an incident log writer to your incident response team?
Uhhh, what? An incident log writer function? I hear lots of crazy function titles within IT. So why do I need to implement a log writer?
Richard de Vries
Jan 15, 2022
Are you really honest during the lessons-learned phase?
Are you really honest during the lessons-learned phase?
The incident has been remediated, but in stead of archiving the incident, you need to attent a lessons-learned review meeting.
Richard de Vries
Jan 18, 2022
Threat Modeling Frameworks — Do you really need one?
Threat Modeling Frameworks — Do you really need one?
Threat modeling frameworks come on in all shapes, forms, and sizes. And they serve a very specific task and that is to provide insights.
Richard de Vries
Jan 25, 2022
When was the last time you patched your network devices?
When was the last time you patched your network devices?
It is important that network devices like firewalls, switches, and cameras also have the latest security patches installed.
Richard de Vries
Jan 29, 2022
Do you really understand the network traffic that is following thru your firewall(s)?
Do you really understand the network traffic that is following thru your firewall(s)?
The general concept behind a firewall is to erect a barrier to prevent bad/unwanted activities on the network.
Richard de Vries
Feb 1, 2022
Is it possible to always identify the actual root cause behind a security incident?
Is it possible to always identify the actual root cause behind a security incident?
Identifying the actual root cause of a security incident is not always as straightforward as you think.
Richard de Vries
Feb 5, 2022
The two most important non-functional requirements - Security and Testing.
The two most important non-functional requirements - Security and Testing.
As important as the functional requirements are the non-functional requirement. However, we do not treat them the same way.
Richard de Vries
Feb 12, 2022
Are you being notified?
Are you being notified?
Often when we talk about security, we think and talk about the environment we are responsible for. But it is getting more and more…
Richard de Vries
Feb 15, 2022
Is AI or a hacker knocking on your door?
Is AI or a hacker knocking on your door?
Our adversaries are getting smarter. That is just a fact. Technology is also getting better. That’s also a fact. But what if …
Richard de Vries
Feb 26, 2022
About Tales from a Security Professional
Latest Stories
Archive
About Medium
Terms
Privacy
Teams