What tools or technologies do you use and find effective for end user security awareness training? Do you also use sandboxing ?

Security & GRC Device Management

3.8k views2 Upvotes3 Comments

Director of Information Security (ISO) in Software, 51 - 200 employees

I typically use online tools like KnowBe4's online solution that is probably the best online tool. With sandboxing, I assume you are referring to pen or vuln scanning? Either way, yes

1

Chief Security Officer in Software, 10,001+ employees

We have internal security training that is domain specific such as dev training (based on OWASP), compliance training (based on NIST / CIS) or other domain specific training that we have created internally.

CIO in Finance (non-banking), 51 - 200 employees

We have used Proofpoint (fka Wombat) training for the mass market training for our staff and more narrow technical training solutions for developers and operations it staff.

Content you might like

Where do HR and other non-security/IT departments fit into your insider risk management strategy/program? What role do they currently play?

Security & GRC Risk Management Threat & Vulnerability Management +1 more

CISO in Software, 10,001+ employees

It is challenging, but sometimes very important for HR to work with IT and Security for scenarios where employees will be laid off, etc. as those people are often higher risk for performing unauthorized or malicious acti...read more

Read More Comments

4k views1 Upvote7 Comments

What are some great on-prem and SaaS programs for internal PKI and Certificate Life Cycle Management?

Applications & Platforms Security & GRC

Director of IT, Self-employed

DigiCert: DigiCert offers cloud-based certificate management services that are known for their ease of use, scalability, and strong security. They provide solutions for both internal and public-facing certificates.

OpenSSL: ...read more

Read More Comments

1.8k views1 Upvote2 Comments

What is the #1 threat to cloud security at your organization?

Cloud Security & GRC Compute +6 more

Malware22%

Data Exposure32%

Weak/Broken Authentication14%

Insider Threats15%

Application Vulnerabilities11%

Overprovisioned Access5%

Other0%

218 PARTICIPANTS

743 views2 Upvotes

How does your company handle AD accounts after a person leaves the company? We have been changing the passwords, disabling them, and moving them to a separate OU, but I'm interested to hear if you do anything else.

Product development engineer in Manufacturing, 201 - 500 employees

whattt

Read More Comments

936 views2 Comments

Which deception tool do you use, or plan on using?

Security & GRC Vendor Management

Acalvio Shadowplex8%

Attivo ThreatDefend Deception and Response Platform40%

Fidelis Deception13%

TrapX DeceptionGrid 7.07%

Other (comment below)32%

198 PARTICIPANTS

2.2k views2 Comments