Compensating Controls: When Patching Isn’t an Option
February, 2019, Steve Durham, Consultant, CoalfireOne Scanning Services
Your software vendor is asleep at the wheel and your devs still need that legacy daemon.
The HOW, WHY, and HUH? Blog on Disputes
January, 2019, Travis Finn, Consultant, CoalfireOne Scanning Services
As you may know, performing vulnerability scans is a requirement for PCI DSS compliance. One of those specific requirements, described in section 11.2.2, states that quarterly external scanning must be done by a qualified Approved Scanning Vendor. Coalfire just so happens to be an ASV, so if you need these scans we would happily oblige!
It wasn't raining when Noah built the ark
April, 2014, Craig Billado, Forensic Analyst, Coalfire Labs
This month movie-goers around the world will flock (possibly two-by-two) to see Darren Aronofsky’s ‘Noah’—a silver-screen adaptation of the timeless biblical story, starring Russell Crowe and Jennifer Connelly. Whether one interprets the flood narrative literally or figuratively, this fact remains: the time to prepare for disaster is not after the fact but beforehand. This is true whether the calamity is divine or human in origin.