Open-source application security flaws: What you should know and how to spot them

| | Application Security
Introduction Open-source software helped to revolutionize the way that applications are built by professionals and enthusiasts alike. Being able to borrow a non-proprietary library to quickly prototype and build an application not only accelerates progress in projects, but also makes things easier to work with. Open-source libraries when creating applications ... Read More

On-premises vs. cloud-based cyber ranges: Why virtual learning environments are best

Introduction Most companies have been struggling with making decisions about infrastructure. Cloud or on-premises? Cyber ranges are not immune to this kind of decision-making when it comes to planning and deciding on which path to take. Each approach has its own benefits, drawbacks, pros and cons. If you are thinking ... Read More

Webinar summary: Digital forensics and incident response — Is it the career for you?

Introduction Infosec held a webinar with Cindy Murphy to find out about what it takes to get started in digital forensics and incident response. Cindy gives her take on how to get started in this... Go on to the site to read the full article ... Read More

Malware spotlight: Nodersok

| | Malware Analysis
Introduction The zombie movie film genre has long been a favorite among horror film fanatics, as shown by the ever-growing number of films that portray an undead apocalypse. Each of these zombie... Go on to the site to read the full article ... Read More

What are tagged and untagged ports?

| | General Security
Introduction Back in the old days, there were no such things as managed switches. Instead, modern Ethernet connections were handled by simple devices called hubs. There were many older standards that... Go on to the site to read the full article ... Read More

5 legitimate tools commonly used for malicious purposes

| | General Security
Introduction It should come as no surprise that there is quite a lot of malicious activity that can be accomplished with seemingly harmless tools. You could make the analogy of a workshop tool, such... Go on to the site to read the full article ... Read More

Transitioning from DevOps to DevSecOps

| | General Security
Introduction DevOps is essentially the combination of software development and IT operations, and it is found in many enterprise environments. DevOps initially started as a process that fostered an... Go on to the site to read the full article ... Read More

CySA+ domain #8: Incident response process

Introduction CompTIA has identified a need in the market for cybersecurity professionals that want to certify their knowledge and earn a cybersecurity analyst qualification. The CySA+ certification... Go on to the site to read the full article ... Read More

CySA+ domain #10: Digital forensic tools and investigation techniques

Introduction As is the case with all CompTIA certifications, the CySA+ is a vendor-neutral exam. It is aimed at the intermediate cybersecurity professional. There are no real prerequisites for the... Go on to the site to read the full article ... Read More

CySA+ domain #9: Analyzing common symptoms

Introduction Trying to secure a network without the right skills and tools is not possible, especially when you’re dealing with cybercriminals that make a living from breaching networks and... Go on to the site to read the full article ... Read More