Expert opinion

Cor Rosielle, CTO at Outpost24 BLX currently holds all ISECOM certifications and in his spare-time is a IT security researcher and main contributor to the OSSTMM 3.0. Cor delivers security testing trainings and certifications, and is regularly quoted for security advice in IT magazines.

Linkedin reported abuse of their system recently. Members recently received a lot of unofficial invitations recently. Computable magazine asked Cor his opinion. You can find the article (in Dutch language) here. 

Cor Rosielle was also asked for his opinion about the malware that attacked on an Iranian nuclear plant (23-09-2010). You can find the article (in Dutch language) here.

Protecting a website using https - The right and the wrong way

The news frequently brings items where companies and governments are accused their website is not secure. "Hackers and criminals can easy access your confidential data or even modify it!", such articles often tell us. Usually this means someone found a website which is accessible via http instead of https. The "solution" is to protect the website with SSL certificates. Such website are often detected by Certificate Registrars, companies that sell SSL certificates for profit. Certainly https can protect the data, but it is no silver bullet. If you don't do it right, the safety can easily be broken and https gives you a false sense of security. Investigation shows even most of the websites of companies in the Fortune 500 (2009) don't use https in the right way.

Soon a whitepaper will be available on our website, so you can make sure you are implementing https better than most Fortune 500 companies in 2009.

Are the Fortune 500 improving using https in 2010?

Earlier investigation showed even most of the websites of companies in the Fortune 500 (2009) didn't use https in the right way. Because of this, their website is not as well protected as it could be and should be. It is about a year since that investigation. So we were curious to see if there is any change since the previous investigation.

Therefore we have investigated the websites of companies in the Fortune 500 (2010) and determined if there was any improvement in that year.

Are you curious too? Then visit our website again soon and read about our findings in our whitepaper.