[Original] Cyber Warrior's Cybersecurity PRISM

Details: Written by: Meena; Category: Cybersecurity PRISM

Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing.

Details: Written by: Meena; Category: Cybersecurity PRISM

The security architect can be defined as a person who is entrusted to manage and keep a watchful eye on the various security aspects of a company. He has to be very vigilant and carefully observe that no hacker, phisher or pharmer is able to damage the computer system and steal sensitive information from its database. Therefore, you need to be shrewd as an attacker to anticipate the techniques employed by hackers to perform their illegal tasks. The job is very challenging yet quite exciting.

Details: Written by: Meena; Category: Cybersecurity PRISM

There are many ways to expose, alter, disable, destroy, steal or gain unauthorized access to computer systems, infrastructure, networks, operating systems and IoT devices.

In general, attack vectors can be split into passive or active attacks:

Details: Written by: Meena; Category: Cybersecurity PRISM

Every security device has advantages and disadvantages and firewalls are no different.

If we applied strict defensive mechanisms into our network to protect it from breach, then it might be possible that even our legitimate communication could malfunction, or if we allow entire protocol communications into our network, then it can be easily hacked by malicious users. So, we should maintain a balance between strictly-coupled and loosely-coupled functionalities.

Details: Written by: Meena; Category: Cybersecurity PRISM

The underlying concept of both Containerization and Virtualization is finding an alternative to traditional infrastructure setup to execute processes with more flexibility, speed and efficiency, while using minimum resources.

Details: Written by: Meena; Category: Cybersecurity PRISM

Here I wish to make you understand the technical backbones of DDoS.

Details: Written by: Meena; Category: Cybersecurity PRISM

Conducting a regular penetration test is a helpful way to identify serious vulnerabilities within your IT environment. A trusted ethical hacker performs the penetration test using a methodical and thorough approach.

Details: Written by: Meena; Category: Cybersecurity PRISM

Sandboxes provide ideal, secluded environments to screen certain malware types without giving that malware a chance to spread. Based on the observed behavior, the samples can then be classified as harmless, malicious, or “needs a closer look.”

Details: Written by: Meena; Category: Cybersecurity PRISM

Reverse engineering has long been the leading method for understanding how malicious programs operate and what they’re engineered to do. Reverse engineering as a process has evolved as malware has become more sophisticated and detection tools have improved, but it remains critical.

Details: Written by: Meena; Category: Cybersecurity PRISM

Recently I was having a discussion about the use of sensors for IPS with one of my clients. I had to clarify the difference between IDS and IPS to him.

Today, I am sharing the crux of that discussion with you…

Technical factors to consider when selecting sensors for deployment in an organization include the following:

Details: Written by: Meena; Category: Cybersecurity PRISM

All network analyzers/sniffers have the ability to capture data from network. But most of them only do some simple statistics then throw pages of numbers to the users. Especially in a big network with heavy traffic, network administrators have to figure out a network problem even a simple one.