Presentations
Please note that all presentations are copyright Knightcraft Technology. They may be shared but only in the same form in which they appear on this website (unmodified and in entirety).
How to evaluate HPE NonStop security software – Presentation @ TBC2017
In a world of constant computer security breaches, organizations need to be extra vigilant in securing their systems. But what does this actually mean? Software vendors will tell you that you require a variety of different products to ensure system security, but which ones do you really need? Can you just use the native tools instead? Or if you do need to buy extra software, how do you work out which products best fulfil your requirements? This vendor-neutral presentation... more
Security? A never ending story
When it comes to cybercrime and the HPE NonStop, hacking a system is about finding a way to access privileged userids such as super.super, or the application owner, which enables a person to then perform unauthorized functions on the system as that user. The only way to ensure that there are no holes in your security that would allow this kind of breach is by regularly reviewing all of the subsystems that, if not configured appropriately, may leave your company... more
PCI DSS 3.2 and how you can achieve it on your HPE NonStop servers
The Payment Card Industry Security Standards Council (PCI SSC) published PCI DSS version 3.2 in April, 2016. Many NonStop customers come under the purview of PCI DSS and this talk explains how this new update to the standard impacts the NonStop environment and what they need to do in order to comply. This presentation was provided to HPE internal staff as part of the Dan Porter TekTalk series. *Knightcraft Technology is the leader in security consultancy services and PCI DSS compliance... more
Common HPE NonStop security hacks and how to avoid them
While many organizations are currently focused on compliance, in many cases the real security of the system takes a back seat. Often this is due to the lack of in-depth platform knowledge possessed by the auditor or QSA and the underlying assumption that if you are compliant you are also secure. The key for a hacker of any system is to obtain privileged userid access rights and on the NonStop there are a number of potential security configuration holes that,... more
You may be PCI DSS Compliant, but are you really secure?
Many HPE NonStop customers have been passed by a QSA as being PCI compliant, but often the QSA doesn't have sufficient NonStop expertise to really know if all technical security requirements have truly been met. This can include compensating controls used for protecting sensitive data as well as vulnerabilities in configuration that may provide ways of gaining access to privileged userids or data. A number of recent high-profile security breaches have alerted the whole industry to the fact that... more
PCI DSS – A Practical Approach to Compliance for HPE NonStop Servers
Much misinformation exists on what is required to achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS). This presentation draws on real-life NonStop customer experiences to provide a practical framework on how to approach PCI compliance for the HPE NonStop platform. Included are lessons learnt from recent PCI projects, common obstacles faced by organizations, details of what a QSA will typically look for during a PCI DSS assessment, the balance between compliance and security, separating the... more
Knightcraft services can be obtained directly from Knightcraft or can be procured through HPE. Please contact us or your HPE account team to find out how we can help you achieve your security and compliance objectives.