7MS #341: How to Fix Unquoted Service Paths
7 Minute Security19 Joulu 2018

7MS #341: How to Fix Unquoted Service Paths

Today's episode is brought to you by my friends at safepass.me. Safepass.me is the most efficient and cost-effective solution to prevent Active Directory users from setting a weak or compromised password. It's in compliance with the latest NIST password guidelines, and is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

In today's episode we talk about how to identify - and resolve - unquoted service paths. Maybe you've seen this pop up in your vulnerability scanner and aren't quite sure what the risk is or how to fix it - and maybe more importantly, how to fix it at scale if need be. That's the technical conundrum I faced this week, so I talk about some resources to help you identify this risk and get it out of your environment!

And here's a gist I wrote that walks you through everything step by step:

Jaksot(684)

7MS #99: How to Deliver Bad News in a Good Way

7MS #99: How to Deliver Bad News in a Good Way

Today's episode gives you some tips on how to deliver bad news in an assessment in a positive way. I think that last sentence was a grammatical nightmare.

2 Loka 20158min

7MS #98: Intro to PCI Scoping

7MS #98: Intro to PCI Scoping

So far I've focused on the technical aspects of PCI, but I'm trying to get familiar with the overall scoping questions that my tenacious QSA friends ask when they start a gap analysis. This episode shares some interesting tidbits I learned while doing some QSA "shadowing" on an assessment of a restaurant.

30 Syys 20158min

7MS #97: OFFTOPIC-Limbo

7MS #97: OFFTOPIC-Limbo

We're going off topic today and talking about video games! LIMBO for the Xbox!

25 Syys 20157min

7MS #96: How to Make Enemies During a Security Assessment

7MS #96: How to Make Enemies During a Security Assessment

Yep, we're talking about how to make ENEMIES during a security assessment today (and maybe turn them into friends).

23 Syys 20159min

7MS #95: How to Make Friends During a Security Assessment

7MS #95: How to Make Friends During a Security Assessment

When you start a security assessment with a company, not everybody's gonna be glad to see you. The IT dept and other employees may have tense shoulders, thinking that this is an Office Space situation where they're interviewing for their jobs. This episode talks about some ways you might be able to get your assessment off to a right start.

17 Syys 20157min

7MS #94: Learn How to Burp - Part 1

7MS #94: Learn How to Burp - Part 1

I've been looking for better ways to learn Burp Suite and I struck gold! Check out my recommendations in today's episode!

15 Syys 20158min

7MS #93: Securing Your Life

7MS #93: Securing Your Life

So yeah, this is kind of off-topic, but have you thought about security in the sense of "What kinds of security things should I be doing before I'm dead?" Today's episode explores that.

11 Syys 20158min

7MS #92: You're Not Ready for Big Boy Security Pants

7MS #92: You're Not Ready for Big Boy Security Pants

Sometimes I get in situations where clients want their WHOLE security program reviewed, but in reality, they are still in the baby steps phase. What's the right thing to do when, for lack of a better term, the client isn't ready to put on their security big boy points?

9 Syys 20157min

Suosittua kategoriassa Politiikka ja uutiset

rss-podme-livebox
aikalisa
ootsa-kuullut-tasta-2
et-sa-noin-voi-sanoo-esittaa
otetaan-yhdet
politiikan-puskaradio
rss-vaalirankkurit-podcast
aihe
rikosmyytit
the-ulkopolitist
rss-kovin-paikka
linda-maria
rss-mina-ukkola
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset
radio-antro
rss-aijat-hopottaa-podcast
rss-kaikki-uusiksi
rss-hyvaa-huomenta-bryssel
rss-raha-talous-ja-politiikka
rss-kyselytunti