29 03, 2017

New Context works to mature STIX

By | 2017-03-29T20:09:42+00:00 March 29th, 2017|Articles|

In January of 2015, New Context was commissioned by a client to perform a review of existing machine readable threat feed frameworks. The customer, a user of Industrial Control System (ICS) hardware, is looking years into the future in hopes to forge a path in which complex patterns of [...]

22 03, 2017

Upcoming Talk: The Heart of DevOps is Cooperation

By | 2017-03-22T17:53:40+00:00 March 22nd, 2017|Events|

Ben Tomhave to speak at MISTI InfoSec World Saturday, April 1, 2017 Omni Orlando Resort at ChampionsGate, FL 4:15 PM – 5:00 PM Closing Keynote - The Heart of DevOps is Cooperation Ben Tomhave If you’ve ever performed a root cause analysis on security incidents, then you’ll have readily seen [...]

10 03, 2017

Patterning in STIX 2.0 Upcoming Talk at ICSJWG

By | 2017-03-22T17:56:49+00:00 March 10th, 2017|Events|

Thursday, April 13, 2017, 1:45pm Patterning in STIX 2.0 John-Mark Gurney, Principal Security Architect for New Context will be speaking at Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting Abstract Cyber Threat Intelligence (CTI) is only useful if it provides actionable intelligence which improves an organization's security. Structured Threat Information Expression (STIX) [...]

1 03, 2017

Automate Web App Security Scanning Using Arachni

By | 2017-03-01T19:37:08+00:00 March 1st, 2017|Uncategorized|

In this post I'm going to share with you how our teams implement automated vulnerability scanning for our web apps using Arachni and integrating that in to our Continuous Delivery pipeline. In this example we're going to show how we can do this using a Jenkins server, but theoretically anything [...]

Load More Posts