J.M. Porup

Senior Writer

J.M. Porup got his start in security working as a Linux sysadmin in 2002. Since then he's covered national security and information security for a variety of publications, and now calls CSO Online home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent. He holds a Masters degree in Information and Cybersecurity (MICS) from UC Berkeley.

Bug bounty platforms buy researcher silence, violate labor laws, critics say

Dear future victim, please panic

Dear future victim, please panic

I am the opportunistic infection, THE DORMANT CYBER PATHOGEN now awakes! While you're worried about COVID-19 infection, I'm already inside your networks!

4 steps to build redundancy into your security team

4 steps to build redundancy into your security team

A biological virus infecting your critical security staff could wreak havoc on your business. These practices will reduce your risk.

Open-source options offer increased SOC tool interoperability

Open-source options offer increased SOC tool interoperability

Too many security tools in your SOC, and none of them talk to each other, but new vendor-supported open-source projects might lead to greater interoperability.

Making the case for hardware 2FA in the enterprise

Making the case for hardware 2FA in the enterprise

Hardware 2FA tokens are the best and cheapest defense against phishing and credential stuffing attacks, but there are some gotchas.

Kali Linux explained: A pentester’s toolkit

Kali Linux explained: A pentester’s toolkit

Kali Linux is the most popular penetration testing Linux distro, and jam packed with almost every offensive security tool you can think of.

11 penetration testing tools the pros use

11 penetration testing tools the pros use

Penetration testing is a simulated cyber attack where professional ethical hackers break into corporate networks to find weaknesses ... before attackers do.

What's the difference between the deep web and the dark web?

What's the difference between the deep web and the dark web?

We hear the terms "deep web" and "dark web" thrown around a lot... but what do they actually mean? And what's the difference between the two? CSO Online writer J.M. Porup joins Juliet to dispel rumors and discuss what sets the deep...

5 things you should know about cybersecurity insurance

5 things you should know about cybersecurity insurance

Understanding what it can and can't do for your business is critical to getting the most out of a cyber insurance policy.

8 steps to being (almost) completely anonymous online

8 steps to being (almost) completely anonymous online

The universe may believe in encryption, but it doesn't believe in anonymity. You're going to have to work for it.

With email security, some things can't be outsourced

With email security, some things can't be outsourced

You can outsource your email, but a good chunk of securing that email remains in-house. Here's what you need to know.

How Adobe monitors cloud deployments to control shadow IT

How Adobe monitors cloud deployments to control shadow IT

Keeping an eye on your cloud deployments is key to preventing yet another data breach. Adobe's MAVLink program does just that.

Load More