Archives

Measuring Security Tool Utilization

When I first assumed the role of CISO at my current organization, I knew that a variety of commercial security tools had been purchased, along with numerous other open source, or otherwise free tools that were also being used for various functions. This raised a number of questions for me, including: What specific functions does each tool offer? Many tools are multi-functional. Which tool is the right tool for the job? How… Read More

Category: Blog Tags: CISO, Reporting, Security, Tools

Are Web Application Firewalls a Silver Bullet?

Similar in some ways to a network firewall, a web application firewall (WAF) is a device (or in some cases a service), purpose-built to protect web applications. Instead of filtering requests at the network level with rules based on IP addresses and network protocols, WAFs understand http requests and responses at the application layer. WAF rules are crafted to identify anomalous http requests, and take action accordingly. While very powerful and useful,… Read More

Category: Blog Tags: AppSec, Compliance, Security, Tools, WAF

tim.zeimann

Cyber Security Professional in Austin, TX