Welcome!

I Am Security

Iftach Ian Amit

Subscribe to Iftach Ian Amit: eMailAlertsEmail Alerts
Get Iftach Ian Amit via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Iftach Ian Amit

So, There’s this new (for me) LinkedIn “publishing” thing, that prompted me to try it as I was posting a semi-rant there. Let’s see how well that works out: https://www.linkedin.com/today/post/article/20140531211959-1510435-security-and-maturity-beating-the-averages?trk=prof-post ... (more)

Getting things right goes a long way when you are bleeding

I’m starting to see a trend here with the weekend posts. I can stomach most of the FUD during the work days, but things get to me through the weekend. Oh well. There goes a “mandatory” heartbleed post: Yes, it’s a bad one. No it’s not the worst one. And no – the sky isn’t […] ... (more)

Relying on AV? Really?

I tried to hold back on this one, but if you’ve read this blog (or met me in person) you know it’s hard… Another amazing research coming out of your favorite AV vendor – uncovering ground breaking security implications. Take a minute to read this: http://www.symantec.com/connect/blogs/simple-njrat-fuels-nascent-middle-east-cybercrime-scene Admittedly, I have stopped reading any AV vendor’s blog […] ... (more)

Women in infosec? That thing again?

I usually don’t weigh in on the topic, well, because I don’t have the right equipment for once, and furthermore, I think that the majority of discussions around it are led by people who woefully misrepresent most of the women in infosec that I know. But I have to share this: Jennifer J. Minella (@jjx on twitter) […] ... (more)

Defense through Offense, and how APT fits there

I’m guessing that having “APT” in anything that goes outside for public consumption these days is mandatory, but this post actually has a good reason to do so. If you look back just one post in the past, we were discussing the new initiative to define “Penetration Testing”. The post, and the proposed standard itself really take a good look at what organizations need, and how to address such needs from a practical point of view, rather than from a compliance or a “check-box ticking” perspective. For me this is one of the things that the security industry has done a great disservi... (more)