About
Articles by Shawna
-
Time to reevaluate the most desirable leadership attribute?
Time to reevaluate the most desirable leadership attribute?
By Shawna Turner, PMP, Masters in Infosec
-
An economic view of why software is insecure
An economic view of why software is insecure
By Shawna Turner, PMP, Masters in Infosec
Contributions
-
Here's how you can become a thought leader in system architecture through networking.
Building credibility is another way of saying "building trust." What you need to do depends on where you are and where the team is. The only way to know where the team is involves asking questions. Find out what people are trying to achieve, what they think the roadblocks are, and what they want success to look like. Validate what you think you learned. Then, start trying to match suggestions to the learnings you got validated. If you are new to the organization, a way to prove that you are suggesting solid ideas is to find reputable sources to point to. This way, you aren't asking your peers to take your ideas on faith.
-
What do you do if your software engineering internship project feels overwhelming?
What is the most minor, most apparent thing you can do first? When you feel overwhelmed, it sometimes helps to focus on doing just one thing. It's the same as running a marathon; you don't start with 26.2; you start with a single run, that's a lot smaller. But each completed run adds up, and eventually, you've covered the distance. Having smaller tasks that I can see and visualize completing helps keep the work in perspective.
-
How can you build a professional network in software development as an introvert?
Being an introvert is actually an advantage. As an introvert, you can focus on quality over quantity. So, identify your personal boundaries in this space. Can or will you participate in in-person events? How often? For how long? Do you want a job-specific group or a larger frame of reference (say, the difference between a software dev group and a "technology" group.) What kind of audience will you feel the most comfortable around? While the advice is always to be authentic, you probably have situations and preferences to make that easier, so identify them. Once you know the constraints that work for you, it's time to find groups that fit those requirements. You can use your knowledge for each step to identify what will work best for you.
Activity
-
If you want to build a relationship with people on LinkedIn, don’t try to sell them something five seconds after they accept your invite.
If you want to build a relationship with people on LinkedIn, don’t try to sell them something five seconds after they accept your invite.
Liked by Shawna Turner, PMP, Masters in Infosec
Experience & Education
Licenses & Certifications
-
-
-
Supervised Machine Learning: Regression and Classification
DeepLearning.AI, Stanford University
-
-
-
GIAC GISP
GIAC
Issued -
-
-
-
Certified Scrum Master
Scrum Alliance
Issued -
-
PMI PMP
PMI
Issued -
-
-
GIAC Systems and Network Auditor (GSNA)
Global Information Assurance Certification (GIAC)
Issued Expires -
GIAC Critical Controls Certification (GCCC)
Global Information Assurance Certification (GIAC)
Issued Expires -
-
CISSP
ISC(2)
Issued Expires -
-
Project Management Professional
11352
Publications
-
Fashion Industry (Securely) 4.0ward
SANS Reading Room
The fashion industry requires a list of minimum-security controls that address the entire ecosystem of fashion from the fashion houses to the supply chain to the factory floor to address information security concerns. This paper begins the process of developing a minimum viable list of controls by combining controls from the Purdue model with recommended controls from the Verizon 2019 Data Breach Investigation Report (DBIR). The paper focuses on proposed controls for the fashion sector;…
The fashion industry requires a list of minimum-security controls that address the entire ecosystem of fashion from the fashion houses to the supply chain to the factory floor to address information security concerns. This paper begins the process of developing a minimum viable list of controls by combining controls from the Purdue model with recommended controls from the Verizon 2019 Data Breach Investigation Report (DBIR). The paper focuses on proposed controls for the fashion sector; however, they apply to any manufacturing pivoting to Industry 4.0.
-
Is Information Security having a Wardrobe Malfunction?
SANS Technology Institute
Webinar of presentation regarding how the fashion industry does not match information security expectations of how market segment corporations operate.
-
When a picture is worth a thousand products: Image protection in a digital age
SANS Reading Room
Today, a lack of fashion industry specific information security controls and legal protection puts fashion industry companies at significant risk of Intellectual Property theft and counterfeiting. This risk is only growing as traditional methods of manufacturing are rapidly evolving toward digital models of design and mass production, using Industrial Control System (ICS) approaches for mass production. As mass production moves to digital manufacturing, the effect of losing new product 2D and…
Today, a lack of fashion industry specific information security controls and legal protection puts fashion industry companies at significant risk of Intellectual Property theft and counterfeiting. This risk is only growing as traditional methods of manufacturing are rapidly evolving toward digital models of design and mass production, using Industrial Control System (ICS) approaches for mass production. As mass production moves to digital manufacturing, the effect of losing new product 2D and 3D imagery, as well as the speed and lack of traceability around those losses could significantly impact corporate bottom lines and risk profiles.
-
Is the holder of a Security Certification certifiable? Or the people that vet for it?
Tripwire Blog
Ongoing contributions to the Tripwire State of Security Blog.
-
New Year’s Security Resolution Time!
Tripwire Blog
Ongoing contributions to the Tripwire State of Security Blog.
-
Is there such a thing as Responsible Disclosure of Vulnerabilities?
Tripwire Blog
Ongoing Tripwire Blog Contributions
-
Making converts for a (Security) Marathon
Tripwire Blog
Ongoing Tripwire Blog Contributions
-
Are you meeting your perceived security obligations?
Tripwire Blog
Ongoing Tripwire Blog Contributions
-
Not available. Why isn’t that considered a problem?
Tripwire Blog
Ongoing Tripwire Blog Contributions
-
Popularizing the Lone (Security) Wolf
Tripwire Blog
Ongoing Tripwire Blog Contributions
-
Have you added personas to your incident response program?
Tripwire Blog
Ongoing Tripwire Blog Contributions
-
Securing the Human takes more than a single (CBT) exam.
Tripwire Blog
Ongoing Tripwire Blog Contributions
-
Your Org Chart tells a security story
Tripwire Blog
Ongoing Tripwire Blog Contributions
Patents
-
Method and system for delayed write scanning for detecting computer malwares
Issued US 7757361
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of intercepting a file access operation of the a process to a file, in response to the intercepting, waiting a time interval between the intercepting and scanning the file…
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of intercepting a file access operation of the a process to a file, in response to the intercepting, waiting a time interval between the intercepting and scanning the file for a malware, and scanning the file for the malware, after waiting the time interval, wherein the process is associated with an application program and wherein the file access operation is a file write operation.
Other inventorsSee patent -
Virus scanning prioritization using pre-processor checking
Issued US 7188367
-
Method and system for delayed write scanning for detecting computer malwares
Issued US 20060168660
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of intercepting a file access operation of the a process to a file, in response to the intercepting, waiting a time interval between the intercepting and scanning the file…
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of intercepting a file access operation of the a process to a file, in response to the intercepting, waiting a time interval between the intercepting and scanning the file for a malware, and scanning the file for the malware, after waiting the time interval, wherein the process is associated with an application program and wherein the file access operation is a file write operation.
Other inventorsSee patent -
Method and system for delayed write scanning for detecting computer malwares
Issued US 7058975
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of monitoring file access operations of a process, intercepting a file access operation of the process to a file, waiting a time interval, and scanning the file for a…
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of monitoring file access operations of a process, intercepting a file access operation of the process to a file, waiting a time interval, and scanning the file for a malware.
Other inventorsSee patent -
Method and system for delayed write scanning for detecting computer malwares
Issued US 20030196103
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of monitoring file access operations of a process, intercepting a file access operation of the process to a file, waiting a time interval, and scanning the file for a…
A method, system, and computer program product provides on-access anti-virus scanning of data files, which can be performed without introducing significant performance degradation and provides delayed file write operation scanning upon interception of a file write operation. A method of detecting a malware comprises the steps of monitoring file access operations of a process, intercepting a file access operation of the process to a file, waiting a time interval, and scanning the file for a malware.
Other inventorsSee patent -
Method and system for detecting computer malwares by scan of process memory after process initialization
Issued US 20030115479
A method, system, and computer program product for detecting a malware that provides the capability to detect malwares included in compressed files or which require emulation. A method of detecting a malware comprises the steps of scanning a process that has been loaded for execution for a malware, allowing the process to execute, if no malware is found, interrupting execution of the process, and scanning the process for a malware
Other inventorsSee patent
Languages
-
Spanish
-
Recommendations received
18 people have recommended Shawna
Join now to viewPeople also viewed
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore More