This post discusses some aspects of intellectual property (IP) focused on information technologies. Intellectual Property Legal Protection Measures Intellectual property protection mechanisms featured on this post: Copyright Copyright is a right by law that guarantees the creators of “original works…
This post features abstract IT security models. List of IT Security Models IT security models featured on this post: Belle-LaPadula Belle-LaPadula focuses on confidentiality. Biba Biba model focuses on integrity rather than confidentiality. Clark-Wilson Model Graham-Denim Model HRU Model Harrison-Ruzzo-Ullman…
This post talks about endpoint security on Linux OS. Linux Endpoint Hardening Tools Lynis Lynis is free and open source software (FOSS) tool to audit Unix-like OSs. It is developed by Dutch company CISOfy. Lynis official website Lynis code repository…
This post provides resources to security aspects of domain network system (DNS). This post assumes that you already know how a DNS works. You can read an introduction to DNS on this post. Security Controls for DNS Security controls specific…
Software development teams should follow some guidelines and practices in order to create safe software. When developing software, you should beware of leaving backdoors or maintenance hooks. Secure Software Development Frameworks You can read more about secure software development frameworks…
This post summarizes tools used in IT security. It pretends to be an index for other systems. IT Security Tools by Category Network Scanning Tools List of network scanning tools System Virtualization Security Tools List of system virtualization security tools…
Supply chain security is the part of supply chain management that focuses on the risk management of external suppliers, vendors, logistics and transportation. Its goal is to identify, analyze and mitigate the risks inherent in working with other organizations as…
Data security can be also referred as data protection. This post is about data security platforms. Data governance List of Data Security Platforms Data security platforms featured on this post: Microsoft Purview Microsoft Purview is a proprietary solution to manage…
In the context of IT security, a product compliance list (EPL) is a list of IT products that have been assessed and validated by a third-party considering that it meets all the necessary products. These parties are usually generally trusted…
This post explains the concept of log management and provides Description of Log Management A log is a registry produced by a device or application about its internal use. Logs are helpful for debugging or monitoring IT security. Log management…