Blog | General

The First Five Things You Should Do As A New CISO

Posted on August 20, 2018

Everyone who works in or is tasked with hiring for the InfoSec industry understands that one of the biggest challenges is acquiring and keeping talent. There is a deficit of good people, and that includes senior executives. In the case of CISOs, the average tenure (according to industry research) is 24 to 48 months, with many CISOs changing companies even more...

Indicators of Poor Assessment Work

Posted on January 08, 2018

In the 11+ years Depth has been in business, we've had the opportunity to see some less-than-stellar work as far as assessment services go. Our clients often send us assessment reports they've received from other security firms. Sometimes they want us to check remediation status on a single item. Other times they aren't sure whether a given vulnerability is...

Pins and Staples: Enhanced SSL Security

Posted on November 16, 2017

With Chrome backing away from HTTP Public Key Pinning and other industry thought-leaders calling for its death, I figured I'd take some time to review some existing and upcoming (and tedious) controls that aim to fix some of the many shortcomings within the SSL/HTTPS ecosystem. In so doing I figured I'd summarize some of these concepts into a...
