Cyber Security information and News
Because you can never have too many Security Blogs or Threat Feeds
Latest from the Blog
Weak Ciphers can be your key to MITM (Man in the Middle) traffic sniffing, so whats the best approach to discover them? There are many methods out there, Qualys SSL Labs is one of the most popular for scanning websites, but what about an internal server not publicly available? Fire up your Kali VM, installContinue reading “Cipher Suite Recon with TestSSL.sh”
As a Security Analyst, your job is to identify business risks and raise the alarm to higher along with your recommendation of a solution. Some times you get approval for immediate mitigation action, other times for whatever reason the recommendation will be overruled. Risk = Threat x Vulnerability Lets make this a scenario and sayContinue reading “A Risk Acceptance Log is a MUST”
My own three month journey ended the other day in success passing the CISSP (Certified Information System Security Professional) certification test. Thought I’d outline my study strategy as a whole, what really helped, what was a waste of time and some other tips and tricks I learned along the way. If this guide helps oneContinue reading “CISSP Certification Journey”
Get new content delivered directly to your inbox.