J.M. Porup

Senior Writer

J.M. Porup got his start in security working as a Linux sysadmin in 2002. Since then he's covered national security and information security for a variety of publications, and now calls CSO Online home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent. He holds a Masters degree in Information and Cybersecurity (MICS) from UC Berkeley.

11 penetration testing tools the pros use

5 things you should know about cybersecurity insurance

5 things you should know about cybersecurity insurance

Understanding what it can and can't do for your business is critical to getting the most out of a cyber insurance policy.

8 steps to being (almost) completely anonymous online

8 steps to being (almost) completely anonymous online

The universe may believe in encryption, but it doesn't believe in anonymity. You're going to have to work for it.

With email security, some things can't be outsourced

With email security, some things can't be outsourced

You can outsource your email, but a good chunk of securing that email remains in-house. Here's what you need to know.

How Adobe monitors cloud deployments to control shadow IT

How Adobe monitors cloud deployments to control shadow IT

Keeping an eye on your cloud deployments is key to preventing yet another data breach. Adobe's MAVLink program does just that.

Inspecting TLS-encrypted traffic with mitmproxy

Inspecting TLS-encrypted traffic with mitmproxy

The free, open-source mitmproxy tool makes it easy to inspect TLS-encrypted app and web traffic to see exactly who your phone is talking to.

How to stop email spoofing of parked domains

How to stop email spoofing of parked domains

Publishing a DMARC record for unused domains is a good idea. Here's how.

Backdoors and Breaches incident response card game makes tabletop exercises fun

Backdoors and Breaches incident response card game makes tabletop exercises fun

New Backdoors and Breaches card game makes it easy to build a random, realistic incident as part of a tabletop exercise.

Are we running out of time to fix aviation cybersecurity?

Are we running out of time to fix aviation cybersecurity?

A new report from the Atlantic Council on aviation cybersecurity underscores the poor state of aviation security — and worse, how poorly understood the problem is within the industry.

"Penn Test" challenge helps infosec team think like attackers

At Penn Medicine, gamifying security training builds skills, drives employee retention.

How a nuclear plant got hacked

How a nuclear plant got hacked

India's Kudankulam Nuclear Power Plant (KNPP) publicly admitted they discovered malware on their networks. It likely could have been easily avoided.

How a bank got hacked

How a bank got hacked

Notorious hacker Phineas Phisher claims to have netted hundreds of thousands of pounds sterling in a 2016 hack of the Cayman National Isle of Man Bank. Here's how he did it and why it's cause for concern.

Load More