Securtity’ OR 1=1–
Questions by Paul Ritchie in September 2019
- What is cyber security?
- Where does security fit into the SDLC?
- Who is responsible for security?
- When do you have enough security?
- Can security assessments be automated?
- What strategies can be used to secure an unsupported 3rd party application?
- After a penetration test is the system secure?
- What does “Zero Day” mean to you?
- How do you mitigate the threat posed by “Zero Days”?
- Is using an off-the-shelf application more secure than developing a bespoke one?
- When is hosting in the “cloud” more secure?
- In what circumstances is hosting “on-premise” the only option?
- What does “ethical disclosure” of a security vulnerability mean?
- Is it ever ethical to publish details of a vulnerability before the vendor has responded?
This work is licensed under a Creative Commons Attribution 4.0 International License.