Category IT Security

IT Security Legislation

This post features regulations related to IT security. The post focuses on regulations that establish IT security controls. If you want to know regulations that prosecute malicious behavior related to computers or IT and IT crime, please check this post.…

IT Supplier Risk Management

This post discusses some topics about information technology (IT) supplier risk management (SRM) or Supply Chain Risk Management (SCRM). This post can be considered part of the series about supply chain IT security. Related terms are provider management and IT…

IT Vulnerability Scoring Systems

This post features scoring systems for IT vulnerabilities. List of Vulnerability Scoring Systems These are the resources for vulnerability scoring systems: The most popular is CVSS. CVSS Common Vulnerability Scoring System (CVSS) is an open standard that provides an open…

IT Risk Management

IT risk is any risk that is specific to information technology. IT risk management deals with the IT risk within an organization. In an organization, IT risk management may be done by the IT security department or the risk department.…

Cloud Security Compliance

This post summarizes some aspects of cloud security that need to be taken into account regarding compliance. To monitor cloud security compliance, we need to check all compliance sources and how they affect cloud security. Compliance sources: Limits of Cloud…

HTTP Traffic Interception Tools

This post features HTTP traffic interception tools for performing penetration tests. List of HTTP Traffic Interception Tools HTTP traffic interception tools: Burp Proxy Burp Proxy is a tool contained within Burp Suite. Proprietary and freemium. It is developed by British…