Software composition analysis (SCA) Software bill of materials (SBOM) is the list of components that conforms a given software. SBOM management should be part of the software development lifecycle (SDLC). SBOM may be compound by: Uses of SBOM We can…
This post features some operational technology (OT) security frameworks and standards. List of OT Security Frameworks and Standards OT Security frameworks and standards that are featured on this post: ISA/IEC 62443 ISA/IEC 62443, sometimes referred as ISA 62443 or IEC…
This post summarizes some aspects of information security on computer networks. Network Security Controls Security Gateway Security gateway is a broad term to refer to a network edge security device. Firewall Firewall is a control. Proxy servers are a type…
Secure strings should be used. These user scenarios should be done securely: Get password from user securely You can use Get-Credential or Get-Credential-User (that accepts a text as a an argument, in case you want to add a custom message…
Operational technologies (OT) are hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events.. You can read an introduction to OT on this post. OT Security (OT-Sec), Industrial…
ISA/IEC 62443 is a standard about industrial cybersecurity. ISA/IEC 62443 Cybersecurity Certificate Program is a family of certifications aimed for professionals and related to the ISA/IEC 62443 standard. The certificates are issued by the International Society of Automation (ISA). Take…
Network protocols can be classified by the OSI layer where they operate. Computer Network Protocols by OSI Layer This section informs lists computer network protocols by their OSI layer. OSI layer are, in incremental order: Data Link OSI Layer Protocols…
An ISO file is a standard file format to store the content of a drive within a file. This post explains how to create an ISO file from an optical drive (such as CD, DVD or BD) using Windows 10…
This post features regulations related to IT security. The post focuses on regulations that establish IT security controls. To read a more general post about compliance on general IT security regulations, visit this post. If you want to know regulations…
Microsoft Certified: Azure Security Engineer Associate (from now on, MCASEA) is a certification issued by Microsoft. It is an associate certification (level 2 out of 3) within the Microsoft certification scale. This certification was available from at least 2022, and…