Information security domains or areas are the different fields where the practice and studies of information security can be split. This post proposes different classifications for the security domains. Information Security Domain Proposals Information security domain proposals featured on this…
This post summarizes some aspects of information security on computer networks. Network Security Controls Security Gateway Security gateway is a broad term to refer to a network edge security device. Firewall Firewall is a control. Proxy servers are a type…
Digital Operational Resilience Act (DORA) is an European Union regulation. This post is an introduction to DORA. Introduction to DORA Its full title is “Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on…
This post features HTTP traffic interception tools for performing penetration tests. List of HTTP Traffic Interception Tools HTTP traffic interception tools: Burp Proxy Burp Proxy is a tool contained within Burp Suite. Proprietary and freemium. It is developed by British…
Threat modeling is the process of identifying, analyzing and categorizing threats. List of Cybersecurity Threat Models Cybersecurity Threat Models featured on this post: The most popular is MITTRE ATT&CK. MITRE ATT&CK MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Matrix is…
EC-Council is a private organization that issues certifications related to IT security and cybersecurity. Certified Ethical Hacker (CEH) is a certification issued by EC-Council that has a limited validity. This post explains how to maintain the Certificed Ethical Hacker (CEH)…
A key concept of zero trust security is that it assess security dynamically. Zero Trust Network (ZTN) Zero Trust Architecture (ZTA) Zero Trust Network Access (ZTNA) is an IT security solution that provides secure remote access to an organization’s applications,…
This post summarizes some websites for capture the flag challenges or hackatons. List of Capture the Flag Webs Capture the flag webs featured on this post: HackTheBox Official website CTF365 Official website OverTheWire Official website HackingLab Official website External References
This post features some IT Security and Cybersecurity Professional Associations of Spain. List of Cybersecurity Associations for Professionals of Spain Non-exhaustive list of cybersecurity associations for professionals of Spain: ISACA Madrid Chapter ISACA Madrid Chapter is a non-profit association founded…
This post reviews some security aspects to be taken into account when configuring devices with Google Android OS. This article can be used as a checklist to ensure an Android device is properly configured before releasing it. A standard operating…