About

This is the official blog run by the IT Security Stack Exchange community. On this site we talk about:

• IT and Information Security

Any member of the community can contribute. If you have a suggestion for a post here, comment on meta. Regular contributors are given an account on the blog, where they can submit posts to be reviewed. We have also selected Editors who can review and publish posts.

About the Site

IT Security – Stack Exchange is for Information Security professionals to discuss the protection of assets from threats and the securing of vulnerabilities against exploitation. If your question generally covers …

• confidentiality, integrity and availability
• web application, operating system or platform hardening
• network and infrastructure security
• phishing, fraud and social engineering
• malware, trojan, botnet and denial of service mitigation strategies
• risk assessment, management and mitigation
• policies and regulatory compliance
• penetration testing, security assessment and audit
• security tools and applications
• security architecture, design and strategy
• the use of cryptography and encryption
• authentication, access control…

… then the IT Security Stack Exchange site is the right place to ask your question!