Information security governance is a part of governance, risk and compliance (GRC). Information Security should take into account the organization objectives and identified risks to define information security objectives. To achieve these goals, the IS strategy must be defined. Information…
When assessing IT security of the providers of an organization, we may find ourselves in bothersome tasks like having to create custom questionnaires and review the answers sent by them. Some providers offer cybersecurity risk questionnaires. This is a non-exhaustive…
This post summarizes ideas about microservices, that is a type of distributed system. This post is part of a series of articles about distributed systems. Description of Microservices IT microservices is a service-oriented architecture (SOA) where the application is splitted…
Virtual patching is an IT security control that can be applied when instead of applying a security patch, additional measures are applied to mitigate the risk of not applying this patch. The reasons why a patch is not applied could…
This post summarizes hints about how to choose a free and open source software (FOSS) license. Choosing a FOSS License There is no a perfect open source licenses that can is suitable for all situations. It depends on the biggest…
Certified Cloud Security Practitioner (CCSP) is a certification focused on cloud security and issued by American non-profit organization ISC(2) CCSP certification is more detailed than CCSK certificate, that is issued by Cloud Security Alliance (CSA). Some recommend to obtain CCSK…
Kerberos is both an ticket-based Authentication, Authorization and Accountability (AAA) network protocol and a SSO implementation: It is the most common ticket system, used for example in on-premise Windows networks. Kerberos issues tickets that can be presented to various services…
ExifTool is both command-line tool and a Perl library to work with file metadata. It is free and open-source software (FOSS), under a license GPLv1+ or Artistic License. Installing ExifTool You can install ExifTool on macOS by typing: Getting Support…
This post is about data science and engineering, that can be considered one of the main fields of information technology. You can read this post about information Technology DIKW Pyramid DIKW ordered from top to bottom: Data Structures Data structure…
This post summarizes consoles that emulate the hardware of the (now retro) console ZX Spectrum. List of ZX Spectrum Retro Emulation Consoles ZX Spectrum retro emulation consoles: ZX Spectrum Vega ZX Spectrum Vega was developed by Retro Computers. Its successor,…