Secure your web traffic and other TLS-protected data by ensuring your TLS cert is configured and deployed correctly
"A Transport Layer Security (TLS) certificate is a vital part of a balanced security breakfast, but millions of organizations are still eating Frosted Fruity Squiggles (with Extra Sugar inside!) and calling it a meal...and not even a tasty one at that.
You'd think configuring and deploying a TLS certificate securely would be an easy thing, but a quick look at Censys or Shodan reveals a gargantuan number of insecure TLS certs, including quite a few from organizations that really ought to know better..."
There are important lessons to be learned from a crisis, even the ones that are more fiction than fact
"I've heard the statement 'society doesn't deal with problems until they become a crisis' many times. Unfortunately, this is often the case in information security, but it doesn't need to be this way. As security practitioners, we can't fix the ills of society. We can, however, learn how to distinguish a real security crisis from a manufactured one. Furthermore, from each crisis (real or manufactured) that we go through, we can learn how to avert them all together.
In this spirit, I offer 20 questions to ask during a real or manufactured security crisis..."