Learn
Featured
Trusted provider of Security Solutions
Learn more about our approach to Holistic Cybersecurity
Download NowSecureIT is continually reviewing trends, examining technologies and engaging in standards development in cyber security, information assurance, audit, and regulatory compliance. Those efforts, combined with our first hand experience solving our customers’ problems, yield eBooks and videos that offer insights, guidance and best practice. We hope that you find them useful.
SecureIT’s FedRAMP Infographic
Gain valuable perspective on the entire FedRAMP authorization process in one picture. SecureIT’s FedRAMP infographic shows the role of upfront planning and preparation in achieving FedRAMP success.
FedRAMP Advisory Services
CSPs seeking to achieve FedRAMP authorization need a partner who can steer them onto the right path for fast, efficient FedRAMP success.
Transforming IT Audit for Cloud Computing
Access proven best practices and valuable insights from industry leaders that will propel success with your cloud audit. The eBook is a must read for increasing IT Audit’s success in planning, executing, and monitoring cloud audit initiatives.
NIST 800-171 Infographic
Clear the way for your Federal contracts in 2018. Get key facts and planning advice to successfully tackle these compliance requirements for doing business with the US Government.
Burp Primer Videos & Cheatsheets
Companies need a complete understanding of their risk and exposure. SecureIT’s penetration testing services test and verify the effectiveness of currently deployed security measures. This video and cheatsheet provides an overview of one of the tools that we use in order to detect network vulnerabilities.
Click on the links below to watch the videos & download the cheatsheets:
Burp Proxy Setup & Configuration
sudo Security and Risk Management Videos Series
Could more than a dozen of your employees have root access to mission critical servers due to error? SecureIT’s experience indicates that many companies have incorrectly implemented or maintained sudo exposing information assets to heightened risk from malicious actors. Register and watch these videos now as Greg Kent, SVP of SecureIT provides a valuable discussion on sudo background, common sudo implementation mistakes, and policies for safer sudo going forward.
Watch the sudo security video series now.
Part 1: Introduction to sudo & Common Use Cases
Part 2: Attacks on Poorly Written User Specifications
Part 3: Root Causes of the Problem & Resolving sudo Security Issues
Managing SSH Keys and Associations
The Secured Shell (SSH) service is widely deployed to provide secured connectivity between systems. In other words, SSH is the secured alternative for telnet or ftp services, which are clear text and could expose user credentials and sensitive network traffic to eavesdroppers. SSH provides an encrypted tunnel through which users can enter commands, transfer files, or even use an X Windows graphical users interface.
For many years, auditors have been advocating wide deployment of SSH as a costeffective solution to the security problem of clear text network transports. OpenSSH is the most commonly deployed implementation of the SSH protocol. The price is right – it’s free – and it does not require the complexities of a Public Key Infrastructure (PKI) for generating keys. However, many organizations that have large OpenSSH deployments have found that SSH can introduce new security problems that can be as significant as the problem of clear text transmissions.
Written by Greg Kent, SecureIT Vice President, our three part SSH eBook series provides a comprehensive discussion of the risks, solutions and preventive measures that can improve the security and success of your SSH deployment.
Part 1: Background and Risks
Part 2: Risk Management & Solutions
Part 3: Policy and Prevention
