
Guest lecturing at the Norwegian School of Management

I have received an invitation to do a guest lecture on information security at the Norwegian School of Management (BI) again this year. You may recall that I did this last year too (more, and more).

As I did last time, I would love to have your ideas and inputs as to what I should focus on. Last year, I made it an interactive workshop around the TJX case. It worked great, and I got great feedback. This year I was thinking along the lines of black PR, and how to deal with it from a company view.

What are your thoughts on that? Is it a viable security issue from a company view? Are there any well known cases out there?

Playing with old computers

As with many IT people who are no longer in their 20s, I have been playing around with hardware and software since my younger years. You know, building computers, soldering bits & pieces, hacking code, trying to get Linux running on an MCA-bus IBM...

And like many of my colleagues and peers, I am still getting my hands dirty from time to time. I guess it is the masochist in me.

Last night I was playing around with battered, old computers. Except. They were not that old. One was only 6 months old. And it should not be experiencing hiccups, halts and driver problems. Usually.

This particular computer was residing in the reception. Many different users - none with any special computer-related abilities - would use it over the week. And it had one major, business-critical application inside - the booking system.

They had experienced hiccups for some time now, and although I usually prefer not to get my hands dirty anymore, I decided to step back in time and sniff the dust. And I did the good ol' trick of removing everything (including the mainboard) and blowing it all clean. Well, at least I would have if I had had some pressurized air at hand. After giving the components and the box itself a nice clean, the bits and pieces were put back in.

And to no surprise, there were a few things left over. I am a minimalist, and do not believe in using computer cases as storage rooms, so I removed unused cards and other bits that were no longer of any use.

As I suspected, the computer came back to life, and works a dream. At least for now. Because this very computer was bought by people with no clue when it comes to computers. They had a need, went to the nearest superstore, and just bought a computer. Now, they did decide that this was a business critical computer, and thus made sure not to buy the cheapest one in the store...

But. They had no clue whatsoever when it came to what makes a good business computer. And as you may have guessed already, they came back with an overpriced piece of hardware, in combination with Microsoft XP Home Edition. I repeat that. Microsoft XP Home Edition. For a business-critical computer.

I have made them all write one hundred times on a board: "I will never, ever again buy MS XP Home Edition."

And why is that? Why should you not use the home edition for business? It is all in the name. Home is not Business. Not even if you run a home-based business. The Home edition is a cheaper, less reliable and less sturdy OS than its brother XP Pro. Pro == Professional. Business == Professional.

Let me put this into monetary terms for you.

By choosing a cheaper OS like Home Edition, you may save a few bucks. In Norway, you save, say, $70. But you buy yourself a large amount of IT-related trouble, and will have to rely on an IT consultant to help sort out all the trouble (face it, if you had the knowledge required in the first place, you would never buy Home Edition. Period). And that IT consultant does not come cheaply (if he does, he is not worth the money. Another period.). So the calculation I use in Norway is that you save $70, and that will be spent on the first half-hour of your IT consultant.

By investing in a sturdier OS, you may have to pay more to get going, but you will save money in the long run as you will not be required to dish out cash to IT consultants every week.

Particularly in environments where a number of people are involved, you would do wisely to ensure that you get advice from people who understand the technology and can help you make the right decisions. It may cost a bit more to get going, but doing it right the first time is a huge cost and time saver in the long run.

Let's get back to the computer for a second. This computer was bought in February 2008 - so it is what I would call new. But during these months, it has already cost way more to operate and to keep operating than it cost to buy. And I have not even considered the cost of lost business when it was not operating, the stress on the not-so-knowledgeable users, and so on and so forth.

My advice to you, if you are considering buying computers for your business, is as follows:

  • Get someone who KNOWS for real to help you choose the right solution (i.e. do not just pop down to the nearest superstore - pay a bit more and use a specialized IT supplier).
  • Saving up front usually only serves to increase the costs in the long run. See the first bullet...
  • It is not enough to not buy the cheapest thing in the store - you need to understand what you are getting. See bullet 1.
  • Give the users proper training. People who unplug the power to get the computer to shut down are a clear indication of the need for training. See bullet 1.
  • Have a backup solution at hand. That means that you need a second computer available so you can use that if the main one decides to die in your hands. See the first bullet. Yes, again.
  • Restrict the computer. That means someone who knows how to deal with computers (see the very first bullet) should enforce system policies (if you do not know what that means, see bullet one. If the people in bullet one have no clue, then you did not read bullet one, and just picked someone you know/from the top of the Yellow Pages.). The policies should enable the users to do what they need, and nothing more.
  • Before you have done this, you need not worry about viruses, spam and other security threats, as you already have your hands full. It will not help to buy a firewall, a nice antivirus solution or a security scanner. You need the basics first. See bullet 1.
  • See bullet one.

And of course - please share your own advice. So many clueless entrepreneurs and people in general are messing around out there, so any advice will be valuable!






Web filtering - who and what to block?

Kyle Northcutt posted this question on LinkedIn:

Who and what should the web filter block?

Obvious malicious, lewd and illegal content aside.... should mental diversions be limited or blocked from users? Social networking, youtube, gaming, news, etc can be very distracting and hamper production, but when used sparingly can boost morale, enhance creativity and act as an employee perk in the organization.

My question is, which (if any) of these activities should be blocked? Should everyone be affected by this policy or should engineering and executives be excluded? As a bonus, how does your company handle web filtering?

There are many interesting answers to his question - ranging from "Block them all, and only open those you need", to answers like that of Angelos Karageorgiou, who says:

"I do not think that your productivity will increase by throttling the employees' use of the internet! Slackers will find other ways to slack. In my experience, when people spend an inordinate amount of time with diversions, it is when they are either unhappy with their work or have lost focus. Both are afflictions caused by management or lack thereof."

I like Angelos' answer because it points to where the challenge really is - the humans. With the technology, we can do everything we can imagine. But humans. Now, that is a totally different matter. It takes a very non-technical manner to deal with those people.

In all my humbleness (right), I post my own answer below (as it is found on LinkedIn).


My LinkedIn answer:

In my experience, blocking access to internet resources soon turns your employees into a negative, less productive bunch of unhappy sheep (lots of negativity in there, huh?).

Nothing is obvious when it comes to humans, and just blocking whatever one person finds obvious may very well upset someone else. As long as we are using technology to deal with human behaviours, we need to teach the same humans the reasons we choose to use technology instead of just enlightening them.

There are only a few occasions I suggest using these kinds of controls:

* in controlled / secure environments where you must ensure 100% control of what is entering and leaving the area (then I always advise setting up a set of computers with access - as the Internet is now a vital part of our communications)
* in restricted areas like jails and schools where the motivation to follow policies is not that evident. But - this is also a very narrow path, as many kids today outsmart the local IT resource.
* in short time frames in departments dealing with sensitive information like annual results. Then we may close down all communication within a particular time - but never forget that there are phones, facsimiles and other techs you cannot control (that easily)

I am not a fan of closing down access. I believe that most employees are going to do their job as expected - as long as they get their perceived value in return. And face it - in today's workspace, most people will expect access to the Internet at their discretion.

Now, I am an advocate for an employer-controlled work environment - i.e. the company sets the rules, and when you sign your contract, you agree to follow those very rules. But. As long as we are dealing with humans, we will reach much better results by understanding how psychology and organizations work and function. By using a mixture of positive incentives and negative incentives, and doing this in a clever manner, you will see much better results over time.

Face it, if you force a block, someone will be unhappy. You will start seeing people trying to work around those barriers. Your management will scream and expect totally different rules. Your day will become a nightmare. And what do you achieve? Less motivated, less productive employees.

I suggest the following approach that has worked a dream in the past:

* Set up QoS on your network, and on your outbound link. Tune down everything you do not like entering (streams, P2P, Skype etc). Set it so low that it is still possible to use it, but not practical anymore.
* Inform your employees regularly about how the computer is a time thief (I mean, even for me now - I spend time writing this on the Internet instead of doing any productive work...), and give them tips on how to deal with it. Consider them humans and grown-ups, and it is amazing what you can get them to accept.
* Set up a network monitoring device, analyzing and capturing data traffic. These devices are able to tune in on, and capture only, relevant data - triggered by rules and patterns you can define. Use this to figure out what is really going on, and to find the one or two rogue employees that you know are out there. Now you have evidence you can use to force this person to either follow the rules, or to kick him/her out of the organization.

In the end, you have a very efficient setup that does not interfere with day-to-day business, that does not make you vulnerable to updates and new "things to block", and that as a bonus makes you the hero of everyone in the organization (except the rogue ones, though...)

I have very good experience with this type of setup. Just keep in mind that you are dealing with humans - so treat them like humans to get them to do what you want!

----
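One way to implement the monitoring step of the approach above (rules and patterns that single out the one or two rogue users while everyone else is left alone), as an added example that is not from the original post or from any product mentioned: a rule-driven pass over constructed squid-style proxy log lines. The log format, the host-to-category map and the thresholds are assumptions made for the example.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed squid-style access log (not real traffic). Fields:
#   <epoch> <elapsed_ms> <client_ip> <user> <bytes> <url>
SAMPLE_LOG = """\
1212400001.100 120 10.0.0.11 alice 2048 http://intranet.example/booking
1212400002.300 1800000 10.0.0.12 bob 41943040 http://video.example/stream/ep1
1212400003.000 2400000 10.0.0.12 bob 62914560 http://video.example/stream/ep2
1212400004.500 30000 10.0.0.13 carol 15728640 http://tracker.example/announce
1212400005.000 600000 10.0.0.11 alice 1048576 http://social.example/feed
1212400006.000 5000 10.0.0.14 dave 4096 http://news.example/headlines
"""

# Assumed host-to-category map: only these hosts count as diversions;
# traffic to anything else is ignored rather than blocked.
CATEGORY_BY_HOST = {
    "video.example": "streaming",
    "tracker.example": "p2p",
    "social.example": "social",
}

# Assumed per-user, per-category daily thresholds. A category trips when
# either the minutes or the megabytes limit is exceeded (0 = no limit).
RULES = {
    "streaming": {"minutes": 60, "mbytes": 1024},
    "p2p": {"minutes": 1, "mbytes": 10},
    "social": {"minutes": 120, "mbytes": 0},
}


def parse_line(line):
    """Return (user, category, elapsed_ms, nbytes); None if malformed or uncategorised."""
    fields = line.split()
    if len(fields) != 6:
        return None  # skip malformed lines instead of crashing on them
    _ts, elapsed, _ip, user, nbytes, url = fields
    category = CATEGORY_BY_HOST.get(urlsplit(url).hostname)
    if category is None:
        return None
    return user, category, int(elapsed), int(nbytes)


def aggregate(log_text):
    """Sum elapsed milliseconds and bytes per (user, category)."""
    totals = defaultdict(lambda: [0, 0])
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            user, category, elapsed, nbytes = rec
            totals[(user, category)][0] += elapsed
            totals[(user, category)][1] += nbytes
    return totals


def find_outliers(log_text, rules=RULES):
    """Return the (user, category) pairs that break a rule, with the evidence."""
    hits = []
    for (user, category), (elapsed_ms, nbytes) in aggregate(log_text).items():
        minutes, mbytes = elapsed_ms / 60000, nbytes / (1024 * 1024)
        rule = rules.get(category, {"minutes": 0, "mbytes": 0})
        if rule["minutes"] and minutes > rule["minutes"]:
            reason = "minutes"
        elif rule["mbytes"] and mbytes > rule["mbytes"]:
            reason = "mbytes"
        else:
            continue  # within limits: nothing recorded, nobody bothered
        hits.append({"user": user, "category": category, "reason": reason,
                     "minutes": minutes, "mbytes": mbytes})
    return sorted(hits, key=lambda h: (h["user"], h["category"]))
```

Running `find_outliers(SAMPLE_LOG)` on the constructed log flags bob (70 minutes of streaming) and carol (15 MB of P2P) and nobody else.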

What are your thoughts on webfiltering?


Branding starts when you pick up your phone!

Wow. I am amazed.

I just called a company - or so I thought. I was researching, looking for some particular information, and was now just calling competitors of my client in order to gather intelligence.

And as I call around, the phone is answered (no surprise there) with:

"Hello...?"

The voice is female, and sounds like a housewife answering the phone of her husband, not sure if she is allowed to do so. You get the picture.

Me: "Have I reached ABC corp?"

Her (sounding unsure): "Yes..."

Me: "Am I talking to ...?"

Her (suspicious this time): "Yeees..."
Then: "Who am I talking to?"


I realize that I have made up my mind already in her first "Hello...?". This is not a company I would want to deal with.

Her: "Excuse me a second..." and the line goes on hold.

I start wondering what I am dealing with here. Obviously, this is no professional company. My mind wanders off, and I seriously consider just hanging up.

But, I brace myself, and continue - I am on a mission, after all:

Me: "So, listen...I was wondering, do you deal with ...?" (Insert the service/product name here).

Her (hesitating): "Yes, I could do that."

Wow. So, this company is her. No-one else, it seems. And obviously she is not used to customers rushing down her phone.

We continue our conversation, which continues to break up with "Please hold a sec..." every 30 seconds or so. As I have gathered the information I wanted, I start to wrap up. And now she has changed her approach, and starts to seem desperate.

Me: "So, let me get back to you."

Her: "Please do. I can do this. I really can, I assure you. Really."

I hung up.

Imagine, I wrote one third of this post while on hold - during the conversation - with this company. I posed as a potential client. I would pay. I would be a long term client of hers.

But it is all ruined by the first impression. The first "Hello...?". The lack of a presentation. The total lack of professionalism and commitment. It just makes me sick.

And this reminds me that branding is a full time commitment. Your company's public image is created by that first phone call. And if you drive potential clients away, you will end up with a broken back before you know it!


Windows 3.1 is dead - so what?

Today, John Sheesley amused me with his attempt to use Windows 3.1 (actually 3.11, Windows for Workgroups) as a workstation of 2008. Those of us who remember WfW may wonder why on earth he would do that, but I leave it at that.

One would think that using software that was designed only 15 - 20 years ago should be quite possible today. After all, a PC is still a PC, right?

Not so. A PC of today (2008) is based upon the same principles as back in the early 1990's, but the technology has reached a maturity point where backwards compatibility hardly exists.

Yes, you may get WfW to actually work, if you, like many others, keep an old 486, or even a P1/P2, in a closet nearby. The challenge will be to render it useful, as John realises:

"The latest and greatest Web browser I could find for Windows 3.x was Internet Explorer 5.01. This was surprisingly modern — I thought IE 4.01 was the last version for Windows 3.x. Alas, it's not modern enough. After installing this browser, it quickly became apparent that you can go almost nowhere with IE 5.01."

And IE 5 is not 15 years ago - it is more like 5.

Now, why should you, a security minded reader, care about the fact that John failed this project?

Several reasons come to mind:
  • From a continuity point of view - if you rely on some old hardware/software, make sure you have the tools and systems available in case of a failure.
    It is not enough to dust off the old software boxes; you need to set up a system in parallel and see that you have all the bits it takes. I even suggest you make this a routine thing - once every year, month or week - depending on the criticality. I also suggest you start planning to change the old system for something a bit more modern.
  • From a data storage point of view - if software can become totally obsolete in less than 5 years, you need to make very sure that your backup systems, long-term storage, and other data you may require access to in the future use technology you are able to access.
    If you have a bundle of old tapes from a streamer that got replaced some time back - will you be able to access that data? Also consider the long-term effect light, magnetism and dust have on equipment. CDs and DVDs are not safe for more than 10 years of storage - but even that is no guarantee. (As opposed to the advertisements in the middle of the 1990's, claiming CDs to be the best long-term data storage available... could last for a hundred years, they claimed...)
  • From a compliance point of view - if you are obliged to store information for a period of time - 3, 5, 7 or 10 years - you are also obliged to be able to access the same data in the future. It is your responsibility, and it is usually a good idea to plan the technology at the same time you plan what and where to store your data.

I find one of the comments to the article particularly nice:

"What will happen in the next 5 years? Is XP, 2000 going to be out of date also? Will we be able to keep up with the changes that are coming? How can we keep up to speed? "


Yes, XP, 2000 and many others will be out of date. 2000 actually did go out of date this summer, when MS pulled the support for it. Anyone remember OS/2? DOS I guess most still remember, but only hardcore old guys still use it to some extent. The world (and the technology with it) moves on.

To keep up with changes, you need to keep track of what is going on, as well as of your own requirements. You are required to update once in a while, but you do not need to jump on the latest versions of everything - unless you have special requirements. It is simply a matter of balancing your needs.



Corporate spying


Bruce Schneier covers corporate spying today - you know, when your employer or your shop uses spying methodology to get to know you better. I only wish this was new - government-trained security specialists have crossed over to private business since the dawn of time.

Since you do not have to work for the government to have a license to kill - it is enough to be a hired gun - and the number of specialists increases, it is only natural that some accept tempting offers from the corporate world.

What is more - there is nothing strange in a company, big or small, protecting itself. The challenge is to be able to draw the line - where do you stop? Is it OK to have Wal-Mart or HP install wiretaps on you (or someone else)? If not - when would it be OK? If you think it is just fine, when would it NOT be OK anymore?

We know that most companies today use computers to track everything related to their production, logistics and sales. Why is it so shocking to read that they are using computers to analyze and track that information too? After all, business intelligence and data warehousing are nothing new under the sun.

From the article:

"If you try to buy more than three cell phones at one time, it will be tracked," he (David Harrison) reportedly told the audience.

The fact that they let you know some of their thresholds may raise a few eyebrows, but again - if you are a smart criminal, you would not use a clean ID to buy your batch of prepaid phones, now would you? Most likely you would use someone else's CC?

When your company is large enough, you start spending money on security. And security in this sense means you put into action counter-measures and information gathering. When your company is larger than some countries, it would be quite expected that you use some of the same measures to protect your assets.

I think it is unavoidable. We keep introducing tools that facilitate the collection, storing and analyzing of data. Obviously some will collect and analyze more data than others. Surely this will continue. And most importantly, most people do not care.


Botnet is big business

Dark Reading has a good writeup on BotNets today - very descriptive, and written without all the technical blah-blah. If you ever wanted to understand the hows and the whys of BotNets, this is a very good place to start!

On vendors and VARs

Alan Shimel at StillSecure answered Michael Farnum (correct name this time, I hope...) and Mike Rothman yesterday.

The discussion regards what a vendor can expect from a VAR SE in terms of technology expertise, and also who should do the post-implementation work.

They seem to agree on the fact that a VAR SE has a large number of products to understand and know. I wonder, can you really use that as an excuse not to build competence at the layer closest to the customer? Sure, you might never be the deep specialist - but I believe that if you (the VAR) are not able to build enough local expertise in your products, you are not helping your partner.

Even worse - you are not helping your customers either. They expect you to be the source of knowledge. They expect you to support and maintain them. So I think it is only fair that your customers should also expect you to be able to help them out. So if you have an SE, you need to help him/her build the competence required to do the job right.

The other part of the discussion is about who should do the post-sales and implementation. There are two reasons I choose to go with Alan here.

1. As above - many VARs are not interested/able/willing/whatever to invest the necessary time and effort to have the required competence. Thus, someone else needs to.

2. The vendor has all the required competence, and the required deep specialist knowledge. They do not need to invest in competence in many other product areas, as does a VAR. Thus, it makes perfect sense to me that the vendor of a specialist product also does the implementation. If the vendor chooses to share the revenue of the work with the VAR too, now that is what I call a bonus!

I know first hand how hard it is when you have sold a complex solution, and it turns out your SEs do not have the required competence. And it might just have been one of the cases Alan complains about - we had sold a few of his products to a key test customer in Norway. And my SE at the time just could not get the stuff up and running.

I had to calm the customer, who was in the defence industry, and was supposed to become a key account. No matter what we did, we could not get the things working. And being on the other side of the Atlantic, just flying in technical resources is not that easy either.

We managed to get most things going after a long while. We were not able to invoice the implementation work - as they rightfully thought it had taken too long.

In this case, there were only losers. The client got the solution 6 months late. The VAR lost a large amount of work, plus credibility and the client. We (at a distributor at the time) lost the VAR, the client, and interest in what we thought was a hard-to-use and unfinished product.

If the vendor had run the post-sales, this would most likely never have ended this way. The case would have been a key reference, and everyone would be happy.

Both vendor and VAR need to look at both short-term and long-term revenue. If you get too shortsighted, you lose in the long run. There must be a balance, and with increasingly complex solutions, not all VARs are able to build and sustain the required competence.

Thus, I welcome the move by StillSecure to handle the post sales.

The blogger is Kai Roer, a European Information security professional.