AppDefects
Community Champion

Community Site Security?

@david-shearer @amandavanceISC2 this Community site needs some love and attention when it comes to security. In particular, it is missing several "security headers". The site gets a failing grade of "D" [report here]. In comparison, the isc2.org site gets a grade of A [report here].

12 Replies
Shannon
Community Champion

@cdc wrote:

When was the last ISC2 security risk assessment performed and what were the results?


I have a feeling they concluded that performing a risk assessment was too much of a risk...

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
cdc
Newcomer III

Would you share a list of what you consider "academic" and therefore not worth time to implement?

cdc
Newcomer III

@AppDefects, great catch! The lack of content security policy is the main reason for the C grade. Troy Hunt, Microsoft Regional Director and MVP, has several articles on his website about its purpose and how to configure it.