Software development teams should follow some guidelines and practices in order to create safe software. When developing software, you should beware of leaving backdoors or maintenance hooks. Secure Software Development Frameworks You can read more about secure software development frameworks…
Supply chain security is the part of supply chain management that focuses on the risk management of external suppliers, vendors, logistics and transportation. Its goal is to identify, analyze and mitigate the risks inherent in working with other organizations as…
A cryptographic analytic attack or cryptanalytic attack is an algebraic manipulation that attempts to reduce the complexity of a cryptographic algorithm. Analytic attacks focus on the logic of the algorithm itself. Cryptanalytic Attack Techniques Cryptanalytic attack techniques featured on this…
This post features cryptographic attacks. List of Cryptographic Attacks Cryptographic attacks featured on this post: Analytic An analytic attack is an algebraic manipulation that attempts to reduce the complexity of a cryptographic algorithm. Analytic attacks focus on the logic of…
This post introduces to OT or ICS communication protocols. List of ICS Communication Protocols ICS communication protocols featured on this post: Distributed Network Protocol 3 (DNP3) You can read more about DNP3 on this post. Modbus Modbus is older than…
Data security can be also referred as data protection. This post is about data security platforms. Data governance List of Data Security Platforms Data security platforms featured on this post: Microsoft Purview Microsoft Purview is a proprietary solution to manage…
In the context of IT security, a product compliance list (EPL) is a list of IT products that have been assessed and validated by a third-party considering that it meets all the necessary products. These parties are usually generally trusted…
This post explains the concept of log management and provides Description of Log Management A log is a registry produced by a device or application about its internal use. Logs are helpful for debugging or monitoring IT security. Log management…
Open Security (OpenSSF) is a non-profit organization It is part of the Linux Foundation. It was founded in 2020. OpenSSF Notable Projects OpenSSF Scorecard is a vulnerability scanner of FOSS projects. OpenSSF on the Social Networks Links to Social Networks:…
Data privacy standards featured on this post: ISO/IEC DIS 27701 ISO/IEC 27701 is an extension to ISO/IEC 27001 and 27002 (both about creating and maintaining an ISMS) that focuses on privacy. Version history: ISO/IEC DIS 27018 ISO/IEC DIS 27018 is…