Be Yourself. By Yourself.
The last CompTIA Security+ training course of the year 2025, and I will have a short break after this to prepare for some new things in the year 2026.
If you have demand for this training course, please contact Robusta.
ZTX Cyber x Robusta Technology & Training
#DrPhilipCao #DrPC #GlobalCyberEducator #CompTIA #SecurityPlus #ZTX #ZTXCyber #Robusta
The 2025 SANS Security Awareness Report® analyzes data provided by over a thousand security awareness professionals from around the world to identify and benchmark how organizations are managing their human risk.
This data-driven report provides actionable steps and resources to enable organizations at any stage of their Awareness program to mature said programs and benchmark them against others.
In this download you will find:
👉 The analysis, insights, and actionable data that make great programs successful
👉 The top challenges awareness programs face in managing human risk
👉 Program maturity benchmarking trends, as measured against the Security Awareness Maturity Model®
👉 How security awareness professionals can grow and develop their careers including detailed salary information and a Career Development path
👉 Action items to proactively grow your team and your budget to mature your program
…and so much more! Download the report now to unlock actionable insights to growing and maturing your security awareness program to excel at Managing Human Risk.
Download the full report: https://www.sans.org/mlp/ssa-security-awareness-report
Customer experience and vendor trust are key drivers for provider selection due to the maturity and mainstream adoption of EPPs. Buyers should assess solutions in the context of a broader integrated workspace security strategy as part of their cybersecurity technology optimization efforts.
By 2029, 30% of midsize organizations will converge workspace, data security and identity security capabilities into a workspace security platform, enabling holistic protection and centralized policy management.
By 2030, 25% of enterprises will adopt a continuous assessment and optimization process to assess and remediate workspace security controls in a targeted fashion to reduce the attack surface.
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles.
EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.
– Protection against malware and file-less attacks using endpoint real-time scanning and anti-malware techniques
– Endpoint attack surface reduction capabilities, such as device control, host firewall, exploit protection or application control
– Detection and blocking of endpoint threats using behavioral analysis of endpoint, application and end-user activity
– Integrated endpoint detection and response (EDR) functionality enabling real-time telemetry collection, detection customization, postincident investigation and response
– Assessment of endpoints for software and OS vulnerabilities and misconfigurations, as well as built-in or integrated patch management and virtual patching capabilities
– Capabilities for continuous assessment and optimization of EPP policies and settings against configuration best practices and emerging threats
– Workspace security platform integrations with email security, security service edge, identity protection, data security controls and endpoint management tools
– Integrations with native and third-party TDIR capable products enabling telemetry collection, correlation, investigation and remediation across multiple security controls
– Extended support for end-of-life, uncommon operating systems or legacy server workloads
– Partner- and vendor-delivered service wrappers, such as managed detection and response (MDR) and co-managed security monitoring services
Read the full report: https://www.gartner.com/doc/reprints?id=1-2LFIK3DH&ct=250711&st=sb
Happy to be invited by Vinh Nguyen, Co-founder & CEO of NightyEight to participate in Conviction 2025, of the biggest event of Blockchain & AI in Vietnam.
Conviction 2025 is the leading event on Blockchain & Web3 with the participation of many international speakers. This year there is also an AI section so it is expected to be very hot. The event is expected to welcome about 30,000 attendees over the 2 days.
Join me at: https://conviction.vn
DrPhilipCao #DrPC CyberAdvisor CyberEducator Conviction2025 BlockchainandAI
Zero Trust turns 15 this year, and I have also had 12 years of engaging with Zero Trust with many memories. Since 2018, I have started a series of sharing about Zero Trust for communities in Vietnam – the Zero Trust Sharing for Community series. Wherever I go, I receive many questions about Zero Trust, for example:
1. There is so much information about Zero Trust on the Internet, how do I know which information is accurate and trustworthy?
2. How do I get started with Zero Trust?
3. What should be the right approach to Zero Trust that is relevant and effective for the organization’s leaders?
4. Is it necessary to do a Zero Trust architecture design?
5. Is Zero Trust suitable for small and medium-sized companies or startups, or is it only suitable for large companies or corporations?
……… And there are many more questions that I cannot mention here.
I think, maybe we should do something about Zero Trust for the community again after my period of rest and talk less about Zero Trust in public. Therefore, I decided to coordinate with Exclusive Networks Vietnam (ENV) to organize an online workshop about Zero Trust for the community, as a way to warm-up Zero Trust in Vietnam again. The expected time is August 8 (this is a very special day for me personally and I will reveal the reason in the workshop).
If anyone in Vietnam is genuinely interested in Zero Trust and would like to have useful and applicable information for their journey to bring Zero Trust into their organization, please register. Registration information is as below:
Registration link: https://forms.gle/GifY4kb1DKgCRszC6
Language: Vietnamese
Audience: Vietnam communities
See all of you who are genuinely interested in Zero Trust at the workshop!
ZTX Cyber
#DrPhilipCao #DrPC #CyberAdvisor #CyberEducator #ZeroTrustWebinar #VietnamCommunity #August8 #ExclusiveNetworksVietnam #ENV #ZTX
