Secure strings should be used. These user scenarios should be done securely: Get password from user securely You can use Get-Credential or Get-Credential-User (that accepts a text as a an argument, in case you want to add a custom message…
Operational technologies (OT) are hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events.. You can read an introduction to OT on this post. OT Security (OT-Sec), Industrial…
ISA/IEC 62443 is a standard about industrial cybersecurity. ISA/IEC 62443 Cybersecurity Certificate Program is a family of certifications aimed for professionals and related to the ISA/IEC 62443 standard. The certificates are issued by the International Society of Automation (ISA). Take…
Network protocols can be classified by the OSI layer where they operate. Computer Network Protocols by OSI Layer This section informs lists computer network protocols by their OSI layer. OSI layer are, in incremental order: Data Link OSI Layer Protocols…
An ISO file is a standard file format to store the content of a drive within a file. This post explains how to create an ISO file from an optical drive (such as CD, DVD or BD) using Windows 10…
This post features regulations related to IT security. The post focuses on regulations that establish IT security controls. To read a more general post about compliance on general IT security regulations, visit this post. If you want to know regulations…
Microsoft Certified: Azure Security Engineer Associate (from now on, MCASEA) is a certification issued by Microsoft. It is an associate certification (level 2 out of 3) within the Microsoft certification scale. This certification was available from at least 2022, and…
Cyber Resilience Act (CRA) is a European Union (EU) regulation proposal. This post explains some aspects of CRA. Description of CRA CRA was proposed as a regulation by the European Commission in 2022. CRA is called in Spanish as Propuesta…
Digital Operational Resilience Act (DORA) is an European Union regulation. This post is an introduction to DORA. Introduction to DORA Its full title is “Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on…
This post discusses some topics about information technology (IT) supplier risk management (SRM) or Supply Chain Risk Management (SCRM). This post can be considered part of the series about supply chain IT security. Related terms are provider management and IT…