Showing Blog Posts: 1–6 of 6 by Eric Cowperthwaite

Eric Cowperthwaite

Eric Cowperthwaite

Core Security Inc.

  • What Black Hat and the NFL Have in Common: Strategy

    by Eric Cowperthwaite on August 19, 2015

    This time of year is a merging of two of my favorite things, Hacker Summer Camp aka BSidesLV, Black Hat and DefCon, and the beginning of the football season. On the surface it might not appear that these things have a lot in common. However, a bit deeper analysis tells us that the strategies employed by your security team and your favorite football team revolve around many of the same principles…

  • A Note on #CISOProblems

    by Eric Cowperthwaite on August 11, 2015

    What is it about this time of year? In the past month or so I’ve noticed even more headlines and reports than usual about the problems plaguing today’s CSOs and CISOs. If you’ve somehow managed to dodge the onslaught of grim stats, I’ll sum it up for you: The “bad guys” are proliferating and becoming more sophisticated. Security managers are having a hard time getting enough “good guys” on their…

  • Growing Up: A Roadmap to Vulnerability Management Maturity

    by Eric Cowperthwaite on June 8, 2015

    At this year’s RSA Conference, there was strong focus on identifying where your company’s security posture is in terms of maturity. As Brian Krebs touched on in a recent post, there are many different maturity models outlining what your company is doing, and what it should be doing. Of course each company is different, and the path to reducing risk is never a straight line. It is, however, …

  • Today’s Attack Mode Mindset to Pen Testing

    by Eric Cowperthwaite on May 13, 2015

    Let’s start off by getting on the same page about what a penetration test is. The goal is generally to provide or your management team with an evaluation and snapshot of the organization’s security posture at a specified time. The actual testing involves mimicking what real attackers do, usually by leveraging a chain of vulnerabilities (i.e. attack path) in an attempt to reach critical assets. …

  • If You’re Not With Us, You’re Against Us

    by Eric Cowperthwaite on March 17, 2015

    It’s time that we all came to an important and necessary conclusion: There is no silver bullet in security. There is no one product, solution, vendor or technology that is going to make you 100 percent secure. And if you’re relying on one product, you deserve a blog post all your own. Now that we’ve all agreed on this point, let’s start talking about how we can all be working together to solve a…

  • An Anthem to Get Behind: Enable Two-Factor Authentication

    by Eric Cowperthwaite on February 17, 2015

    In the security industry, we all know it’s just a matter of time, sometimes minutes, before the next breach makes headlines. We’re stopping and blocking attacks left and right, and it only takes that one time for a hacker to be right, that one mistake before we have to answer the question, “What happened?” The latest victim was Anthem, a huge health insurance provider who had 80 million customer…

This document was retrieved from on Mon, 24 Oct 2016 04:51:01 -0400.
© 2016 EMC Corporation. All rights reserved.