Category: Uncategorized

A recent Splunk presentation

What the hell was that?!? We recently delivered a presso that described how DotSec has used Splunk for a number of interesting projects.  (In preparing the presso, I was a bit shocked to discover that we’ve actually been using Splunk now for over 10 years!  Fun times!)  Anyhow, our presentation was quite interactive, and it …

PCI DSS confusion: These are not the patches you’re looking for

Or, are they? In the course of our PCI DSS-related work, we’ve noticed one issue that often causes some confusion for many clients:  Do missing operating system or application patches need to be applied, even if those missing patches are only flagged by the internal vulnerability scan as medium or low risk? It’s an important …

IRAP compliance for national service provider

We’ve compiled a case study that summarises 18 months of very challenging, rewarding and ultimately successful work, guiding the development of an IRAP-compliant information security management practice.  Our client was an international service-provider to governments in Australia and overseas. In order to be able to provide services to the Australian federal government, our client needed …