Carlo Dapino
#Udemy Course on CISO strategy
(in draft, waiting publication, June 2024)
#Cyber Security Book
Book author of "Ten Cyber Security Heads-Up"
#Infrastructure Security Course
by Carlo Dapino
#CISO 101 - First Year at work
https://acklost-net.medium.com/ciso-101-lessons-1-first-day-at-work-c6e77f94a7c2
#Cyber #Security Architecture
Title: Technical Threat Matrix
Description:
I invented a new way to score security architecture controls by attacker vectors, based on ISO/OSI layers
https://acklost.weebly.com/tech-blog/tmm-technical-threat-matrix
my slides about TTM:
https://www.slideshare.net/CarloDapino/security-architecture-perform-a-gap-analysis
Transcript:
#bugbounty #EthicalHacking
#HackTheBox #EthicalHacking
https://www.hackthebox.eu/profile/29022
#Cyber #CISO_Advisory
Title: Not your usual 2019 cyber security forecast
Description:
Cyber Security Strategy conversation about 2019 attack trends
https://www.linkedin.com/pulse/your-usual-2019-cyber-security-forecast-carlo-dapino/
Title: TOP 10 - Cyber Security Strategy Shortfall 2018
Description:
An article describing the most common Cyber Security Strategy shortfall and mistakes
https://acklost.weebly.com/tech-blog/top-10-cyber-security-strategy-shortfall-2018-acklostnet
#Cyber #SecurityManagement
Title: Cyber Security Integration
Description:
A security culture based on Risk, created asymmetric views about company security maturity, across different security functions. The paper wants to suggest an integration and re-design, based on a logical approach and well known methodologies, only moving the focus away from the risk model.
The target of this soft talk is to show how each security function should work in concert with the rest of the organization, providing constant feeds to other security teams.The take-away of the talk should be to stimulate the readers to review collaboration across security functions and automation of input feeds and security team outputs.
https://www.slideshare.net/CarloDapino/cyber-security-integration
#Cyber #SecurityDesign
Title: Security Architecture 'R'evolution 3.0
Description:
Identify new security architecture challenges and how IT transformation introduce new attack vectors
https://acklost.weebly.com/tech-blog/security-architecture-revolution-30
#Cyber #Compliance #PCI-DSS
Title: PCI v.3.2 Vs. OpenSource
Description:
Approach to PCI DSS requirements by GNU/GPL open source software
http://acklost.weebly.com/tech-blog/sme_security_project-episode-1-pci-32-vs-opensource
#DFIR #IncidentResponse
Title: Proposal of a DNS TXT zone standard, to list security team contact details
Description:
I proposed a different approach to the security.txt RFC, to secure the incident response team details within a DNS TXT record, instead of a file system file published within the root directory of the webserver, diminishing the risk and enhancing the integrity of the data
https://www.linkedin.com/feed/update/urn:li:activity:6439980839416713216
#expat #live abroad
Title: How to change country
Description:
Practical survival guide to country move challenges
______________________________________________________________________________________________________________________
Security Boutique © logo is a Copyright registered logo - All rights reserved
Website carlo.dapino.info - Copyright © Carlo Dapino 2018 - All rights reserved