Month: March 2024

C:\tags
alphasoc (4) Audit (1) business (3) Cycling (7) ddos (1) hardening (1) Holm Security (3) isms (8) iso27001 (10) knowbe4 (2) Netflow Logic (2) news (6) samm (1) sdlc (5) secdevops (2) Security Testing (3) siem (7) Spamhaus (4) Splunk (12) ssl/tls (2) tweaks (1) Veracode (10)
Splunk vulnerabilities and trust boundaries blo
Splunk
Thomas

Splunk vulnerability analysis – CVE-2024-29946 & CVE-2024-29945

Splunk vulnerability analysis – CVE-2024-29946 & CVE-2024-29945 in relation to a common threat model. DISCLAIMER – The author of this blog shall not be held responsible for any negative outcomes that may occur as a result of following advice given in this blog. Caveat emptor – use advice and ideas presented in this blog at your own risk.

Read More »
Thomas 31.03.2024
kicker.cloud
business
Thomas

Case: How we helped kicker.cloud achieve ISO 27001 certification

This is a case-study about the certification path of kicker.cloud, a very small startup company, its SaaS product and high ambitions aiming towards a global market. kicker.cloud encountered the same issues so many others have faced before and will in the future – the dreaded procurement Excel-sheets with seemingly endless amounts of security requirements that need to be addressed before any business deals can go ahead.

Read More »
Thomas 17.03.2024