Skip to content
FennSec
  • Home
  • @Tenable
  • @IriusRisk
  • HackTheBox
    • Travel – 10.10.10.189
    • Unbalanced – 10.10.10.200
    • Laser – 10.10.10.201
    • Worker – 10.10.10.203
    • Feline – 10.10.10.205
    • Compromised – 10.10.10.207
  • About

Cybersecurity

  • Home
  • Cybersecurity

Implementing security requirements: examples from the NIST 1800 series

Posted by By Lamine Aouad June 11, 2024Posted inCybersecurityNo Comments
I have recently developed a newfound appreciation for reading cybersecurity standards and guidelines. Their lack of practical examples and real-world scenarios, however, is a bit of a disappointment. There is…
Read More

How do you navigate the cyber framework landscape?

Posted by By Lamine Aouad September 26, 2023Posted inCybersecurityNo Comments
Although I always had a keen interest in cybersecurity frameworks and standards, I didn't get down to the meat of it until recently, and goodness gracious, I was (and still am)…
Read More

The Tip of the Iceberg

Posted by By Lamine Aouad May 18, 2023Posted inCybersecurityNo Comments
Verizon’s DBIR (Data Breach Investigations Report) has an interesting data point about the time to discover breaches. Up to 2019, DBIR has consistently reported that the majority of breaches took…
Read More

The curse of missing context in cybersecurity

Posted by By Lamine Aouad December 7, 2022Posted inCybersecurityNo Comments
Over the years, I have come to realize that context is everything in cybersecurity. Way too often, we rely on just a single piece of information (or very few) to…
Read More

MITRE ATT&CK for E/E architectures

Posted by By Lamine Aouad June 21, 2022Posted inCybersecurityNo Comments
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a knowledge base that models adversaries in the wild. It's been widely adopted by the community and has become, in a…
Read More

Never too late for risk assessment

Posted by By Lamine Aouad June 10, 2022Posted inCybersecurityNo Comments
Some say "timing is everything", which I don't necessarily agree with. It could sometimes make the difference between a useful effort or a wasted one, especially if it's a business…
Read More

The convergence of compliance and good security. Will it happen?

Posted by By Lamine Aouad March 9, 2022Posted inCybersecurityNo Comments
I am genuinely interested in how can compliance efforts translate into effective cyber security programs that actually result in improved postures. Most cyber security professionals consider standards and regulations only…
Read More

In cybersecurity, get the foundation right, the details will always be a moving target

Posted by By Lamine Aouad October 19, 2021Posted inCybersecurityNo Comments
I've always had an interest in humanities and social sciences, and how they affect other domain areas, through us, people. Science nowadays says that making mistakes is not only an…
Read More

Machine learning in offensive security

Posted by By Lamine Aouad September 4, 2021Posted inCybersecurity, Data scienceNo Comments
At Symantec, I worked on implementing machine learning techniques to strengthen defenses capabilities and enhance the ATP product with advanced detections and protections. It certainly has increased the cost and…
Read More

Wrong priorities, increased risk

Posted by By Lamine Aouad May 11, 2021Posted inCybersecurityNo Comments
Setting up priorities can be hard and challenging, and cybersecurity (like almost everything else in life) is a prioritization issue. Beyond treating cybersecurity as a business priority and setting up…
Read More

Posts pagination

1 2 Next page
Recent Posts
  • Implementing security requirements: examples from the NIST 1800 series
  • The masks fell off!
  • Banging on the door of freedom
  • How do you navigate the cyber framework landscape?
  • The Tip of the Iceberg
Copyright 2024 — FennSec. All rights reserved.
Scroll to Top