Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎07-19-2019 12:09 PM
‎07-19-2019 12:09 PM

Community Site Security?

@david-shearer  @amandavanceISC2 this Community site needs some love and attention to when it comes to security. In particular, it is missing several "security headers". The site gets a failing grade of "D" [report here]. In comparison the isc2.org site gets a grade of A [report here].

Reply
12 Replies
Shannon
Community Champion
‎08-14-2019 01:14 AM
‎08-14-2019 01:14 AM

 

@cdc wrote:

When was the last ISC2 security risk assessment performed and what were the results?

I have a feeling they concluded that performing a risk assessment was too much of a risk...  

 

 

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Reply
cdc
Newcomer III
‎08-14-2019 12:38 PM
‎08-14-2019 12:38 PM

Would you share a list of what  you consider "academic" and therefore not worth time to implement?

Reply
0 Kudos
cdc
Newcomer III
‎08-14-2019 12:42 PM
‎08-14-2019 12:42 PM

@AppDefects, great catch!  The lack of content security policy is the main reason for the C grade.  Troy Hunt, Microsoft Regional Director and MVP, has several articles on his website about its purpose and how to configure.

Reply
0 Kudos