IT Blog

  • IT Dojo Now Provides IBM Product Training

    We’ve teamed up with the IBM Global Training Provider of the Year for 2014 and 2015 to offer training courses that cover the full line of IBM systems and software. We understand your skills development needs, and we are dedicated to helping you achieve maximum return on your IBM investment. When you train with us, […]

  • What Are CCIs and Why Should I Care About Them?

    By Kathryn M. Farrish, CISSP One of the more recent information security innovations is the Control Correlation Identifier, or CCI. Each CCI provides a standard identifier and description for “singular, actionable statements” that comprise a security control or security best practice. The purpose of CCIs is to allow a high level statement made in a […]

  • Security Control Spotlight—The PM Family

    By Lon J. Berman, CISSP The Beatles were comprised of how many musicians? Easy, right? They were called the “Fab Four”, so there were definitely 4. Now Google “the fifth Beatle” and see what you get. Ditto for “sixth sense”. When I eat at a Thai restaurant and the waitress asks how hot I want […]

  • Getting Off to a Good Start with Your RMF Transition

    By Annette Leonard of BAI Information Security “The beginning is the most important part of the work.” ― Plato, The Republic Before rushing headlong into the RMF fray, DoD system owners should take the time to ensure they get off to a good start. Mistakes made at the beginning of the effort can be very […]

  • RMF Transition—What do I Really Need to Know?

    By Lon J. Berman, CISSP It’s hard to believe it’s been a whole year since the publication of DoD Instruction (DoDI) 8510.01 in March of 2014, which officially began the transition from the DIACAP process and IA Controls to the Risk Management Framework (RMF) and NIST Security Controls. While there are isolated pockets of progress […]

  • pyrit-nvidia-osx-cuda

    Installing pyrit with GPU Support on OS X

    Overview In the 802.11 WLAN security world I frequently refer to pyrit as the ‘unsung hero’.  Pyrit is an awesome tool that can do so much but doesn’t tend to get the recognition as more well-known tools like the aircrack-ng suite and coWPAtty.  Comparing these different tools can’t really be done in an apples-to-apples fashion but […]

  • Spotlight: Information Security Continuous Monitoring

    No longer just a technical issue, instead a strategic program to manage cybersecurity risk. Targeted cyber attacks are a strategic organizational problem. Cyber attackers are more sophisticated than ever before, and it has become vitally important to understand how to manage risk and implement a continuous monitoring program.  More than just a technical exercise, Continuous […]

  • CISSP Training Coming Up In Virginia Beach!

    Just a quick announcement about our CISSP training course that is coming up at our facility in Virginia Beach the week of January 12 – 16, 2015.  This will be a small class (limited to 10 individuals) taught by our resident instructor, Colin Weaver, a CISSP of over 14 years.  Colin has a unique way […]

  • WireShark Training in Virginia Beach!

    Due to increased interest, IT Dojo has partnered up to bring authorized WireShark training to the Hampton Roads area. Learn to use Wireshark to troubleshoot TCP/IP networks while preparing for the Wireshark Certified Network Analyst exam. In this hands-on course, you will receive in-depth training on Wireshark® and TCP/IP communications analysis. You will learn to […]

  • net-neutrality

    Nothing Neutral About Net Neutrality

    The volume of discussion and debate surrounding so-called ‘net neutrality’ in recent days has increased dramatically.  And, as usual, it is a polarizing topic.  The President has weighed in on the issue, urging the FCC to explicitly deny service providers the right to rate-limit the Internet’s content.  His ‘request’ has been met with a venomous […]

  • secontrol

    Security Control Spotlight—By the Numbers

    By Lon J. Berman, CISSP of BAI, Inc. In this issue’s “Spotlight”, we’re not going to focus on any specific controls or families, but rather on a comparison of RMF controls and DIACAP controls. The majority of DoD information systems are currently categorized under DIACAP as “MAC II Sensitive” or “MAC III Sensitive”. These categorizations […]

  • top10rmf

    Top Ten—Sources of RMF Policy and Guidance

    By Annette Leonard of BAI, Inc. RMF-related policies and guidance come from a plethora of sources within the seemingly-convoluted federal landscape. We believe a good understanding of these sources will be helpful as you move forward in your RMF implementation. Here, then is our “Top Ten” list of RMF policy and guidance providers. 10. US […]