Tag cybersecurity

Cybersecurity Threat Modeling

Threat modeling is the process of identifying, analyzing and categorizing threats. List of Cybersecurity Threat Models Cybersecurity Threat Models featured on this post: The most popular is MITTRE ATT&CK. MITRE ATT&CK MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Matrix is…

SOC Reporting Framework

This post introduces to System and Organization Controls (SOC) reporting framework, in the context of compliance with US American law Sarbanes-Oxley Act (SOX). Regulation Context The Sarbanes-Oxley Act (SOX or Sarbox) is a United States of America federal law. It…

International Cybersecurity Organizations

This post features international cybersecurity organizations. To find European Union cybersecurity organizations, please check this post. List of International Cybersecurity Organizations List of International Cybersecurity Organizations: FIRST FIRST (Forum of Incident Response and Security Teams) is a global association of…

Access Control Models

This post summarizes access control models, as considered in cybersecurity and access control. Acccess Control Concepts Permission refers to the access granted for an object and determine what you can do with it. Right refers to the ability to take…

AAA Network Protocols

This post summarizes Authentication, Authorization and Accountability (AAA) protocols or AAA network protocols. Do not confuse the AAA protocols with the authentication protocols like EAP, CHAP and PAP. Authentication protocols works in the OSI layers 2 and 3, and AAA…

Cybersecurity News Sources from Spain

This post lists sources that broadcast news about information security and cybersecurity. List of Cybersecurity News Webs from Spain Cybersecurity News Web from Spain: RedSeguridad Official web Revista SIC Official web Ciberseguridad TIC Official web Securtecnia Official web CyberSecurityNews.es Official…

Network Access Control

Network Access Control (NAC) is a security solution that enforces policy on devices that access networks to increase network visibility and reduce risk. NAC’s posturing capability determines if a system is sufficiently secure and compliant enough to connect to a…

Email Protocols

This post presents some aspects related to electronic mail (email or e-mail) protocols. Email Operational Protocols STMP An open relay is an insecure SMTP server that does not authenticate sneders before accepting and relaying email and are typically quickly exploited…