To have a good monitoring solution is essential for managing availability at enterprise level. So many organizations start with open source technology to visualize parameters. Grafana is used often and there are many complementing software pieces, which together create a mature environment. This tends even to influence the security management as well. A customer required […]

For hardening you should use the best practice in form of the Center for Internet Security (CIS) benchmarks. Each benchmark contains a number of single atomar tests that are well described and discussed in the CIS expert community. Before a benchmark is finally published it runs through a defined quality assurance process which is kind […]

Transparency is one of our core values, and one of the basic principles of the GDPR. The ideal Users, by which we mean citizens, partners, clients and customers, have a right to know what is going on with their data.  Ideally documentation should be provided in a clear, easy to understand format, reformatted for the […]

COVID-19 and climate change are two examples of crises that affect everybody, and make everybody talk about disaster management and the need for strong systems to avoid the worst.  Unfortunately it’s human nature to forget the bad times as soon as they are over, and turn back into the proverbial grasshopper who spends the good […]

Not many companies expect to be hacked.  Often it happens because their security controls don’t cover all of the possible business vulnerabilities, or the budget is invested in the wrong areas. Whether we are talking about penetration testing or auditing, a security engineer’s job is to reveal and deal with the unexpected. We are often […]