Tag it security

Log Management

This post explains the concept of log management and provides Description of Log Management A log is a registry produced by a device or application about its internal use. Logs are helpful for debugging or monitoring IT security. Log management…

OpenSSF

Open Security (OpenSSF) is a non-profit organization It is part of the Linux Foundation. It was founded in 2020. OpenSSF Notable Projects OpenSSF Scorecard is a vulnerability scanner of FOSS projects. OpenSSF on the Social Networks Links to Social Networks:…

Information Security Governance

Information security governance is a part of governance, risk and compliance (GRC). Information Security should take into account the organization objectives and identified risks to define information security objectives. To achieve these goals, the IS strategy must be defined. Information…

How to get the CCSP Certification

Certified Cloud Security Practitioner (CCSP) is a certification focused on cloud security and issued by American non-profit organization ISC(2) CCSP certification is more detailed than CCSK certificate, that is issued by Cloud Security Alliance (CSA). Some recommend to obtain CCSK…

Information Security Domains

Information security domains or areas are the different fields where the practice and studies of information security can be split. This post proposes different classifications for the security domains. Information Security Domain Proposals Information security domain proposals featured on this…

HTTP Traffic Interception Tools

This post features HTTP traffic interception tools for performing penetration tests. List of HTTP Traffic Interception Tools HTTP traffic interception tools: Burp Proxy Burp Proxy is a tool contained within Burp Suite. Proprietary and freemium. It is developed by British…

IT Security Threat Modeling

Threat modeling is the process of identifying, analyzing and categorizing threats. List of Cybersecurity Threat Models Cybersecurity Threat Models featured on this post: The most popular is MITTRE ATT&CK. MITRE ATT&CK MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Matrix is…