Identity and Access Management: Filling the Gap in Identity and Access GovernanceTraditional identity solutions focus on access to applications, but that misses as much as 80 percent of corporate data.
We’ve entered the age of access governance. Organizations need to know who has access to what data and how they were granted that access. Identity and Access Governance (IAG) solutions address these issues while managing enterprise access. They provide visibility into access, policy and role management, and risk assessment—and they facilitate periodic entitlement reviews of access across numerous systems. Most enterprise IAG solutions are missing a key piece to the puzzle, though: unstructured data.
[Read the full article in TechNet Magazine
Tripping, Puking, and so much more!
Jonathan Cran is the CTO of Pwnie Express. Previously, he built and ran the quality assurance program for Metasploit, where he focused on automated testing, bug smashing and release engineering. He blogs at Pentestify.com.
How do you intercept HTTP or HTTPS traffic from an application other than a browser? We have seen this on a number of different penetration tests in the past few months and thought we should talk a bit about one of our favorite tools for the task, fiddler.
Drunken Security News #292 FAIL topics include BigIP, MySQL & grid certificates
We talk to Thomas about web security, encryption, and so much more!
In this article, we will learn how to use Memory Forensic Toolkits such as Volatility to analyze the memory artefacts with practical real life forensics scenario.
Software Defined Radio on the cheap for penetration testing. What's That Web Server?
More SQL injection, exploiting RFI in Metasploit, and Drunken Security News.
Forensics contest released, how to do some cool network forensics, and overcome anti-forensic techniques, and an SQL injection primer.