Tag: English

OWASP (Open Web Application Security Project) is a nonprofit foundation dedicated to improving software security. It provides valuable resources, tools, and guidelines for developers and security professionals to create and maintain secure applications. One of OWASP’s key contributions is its set of security principles, which guide developers in building robust and secure software. Let’s explore […]

The NIST CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk. The confidentiality, integrity, and availability (CIA) triad represents the three foundational pillars of security. NIST SP 800-53 is a comprehensive set of security and privacy controls developed by the National Institute of Standards and Technology (NIST) […]

The CIA triad is a fundamental model in cybersecurity that consists of three core principles: Confidentiality, Integrity, and Availability. Let’s explore each component and then tie them together in a broader cyber attack scenario. Confidentiality Confidentiality refers to protecting sensitive information from unauthorized access or disclosure. It ensures that data is only accessible to those who […]

The NIST Risk Management Framework (RMF) provides a comprehensive, flexible, repeatable, and measurable 7-step process that any organization can use to manage information security and privacy risk for organizations and systems and links to a suite of NIST standards and guidelines to support implementation of risk management programs to meet the requirements of the Federal […]

Security analysts use SIEM dashboards to monitor, analyze, and respond to security events across an organization’s IT infrastructure. Let’s explore some common dashboard examples and create a story to illustrate their use cases.Common SIEM Dashboard Examples: Imagine a day in the Life of Sarah, the Security Analyst. Sarah, a senior security analyst at TechCorp, starts […]

Security Information and Event Management (SIEM) tools are comprehensive cybersecurity solutions that collect, analyze, and correlate data from various sources across an organization’s IT infrastructure to detect and respond to security threats in real-time. Here we will dive into a detailed description of SIEM tools and three market-dominant brands: Splunk, IBM QRadar and Exabeam Fusion […]

The CIA triad consists of three core principles of information security: Now, let’s visualize these concepts through a story: The Tale of SecureBank’s Digital Transformation Sarah, the newly appointed Chief Information Security Officer (CISO) of SecureBank, was tasked with modernizing the bank’s online banking platform while ensuring robust security. She knew the CIA triad would […]

CNSS (Committee on National Security Systems) is an intergovermental organization in United States. Its main goal is to set policies based on CIA triad (Confidentiality, Integrity, and Availability). One of the guidelines is for Space Systems and it requires some attention, since it is not the final frontier but the next target for mass attacks. […]

As a Cyber Security Specialists, our one of the main duties is to follow legal regulations and national and international directives as many of them will relate to our works in any scale. Here is a summary of US President Josef R. BIDEN JR. ‘s executive order on 12 May, 2021. Some key take aways […]