penetration testing
See the following -
How DOD Embraced Bug Bounties -- And How Your Agency Can, Too
It was a Tuesday in April, and Mark Litchfield was poking around the Defense Department's Defense Video Imagery Distribution System, looking for security holes. It didn't take him long to find one. He soon uncovered a vulnerability known as a blind persistent cross-site script. It could enable any maliciously minded hacker to log in as a site administrator and broadcast whatever content he or she wanted from the DVIDS website -- which is the primary way the U.S. military keeps the public informed about its activities around the world...
- Login to post comments
Securing Health Data Means Going Well Beyond HIPAA
A two-decade-old law designed to protect patients’ privacy may be preventing health care organizations from doing more to protect vulnerable health care data from theft or abuse. The Health Insurance Portability and Accountability Act (HIPAA) established strict rules for how health data can be stored and shared. But in making health care providers vigilant about privacy protection, HIPAA may inadvertently distract providers from focusing on something just as important: overall information security...
- Login to post comments
US Department Of Defense Publishes New Guidelines For The Internal Use Of Open Source For Cyber Defense Purposes
On January 24, 2022, John Sherman, the Chief Information Officer (CIO) of the US Department of Defense (DoD) released internally (and published two days later) a Memorandum for the Senior Pentagon Leadership, the Commandant of the Coast Guard, the Commanders of the Combatant Commands, the Defense Agency and the DoD Field Activity Directors. Particularly, it provides the Department of Defense with new guidelines on software development and open source software, addressing the opportunities and challenges that open source can represent for the public sector, and how the latter should interact in this regard.
- Login to post comments