Cyber Security information and News

Because you can never have too many Security Blogs or Threat Feeds

Latest from the Blog

Cipher Suite Recon with TestSSL.sh

Weak Ciphers can be your key to MITM (Man in the Middle) traffic sniffing, so whats the best approach to discover them? There are many methods out there, Qualys SSL Labs is one of the most popular for scanning websites, but what about an internal server not publicly available? Fire up your Kali VM, install…

A Risk Acceptance Log is a MUST

As a Security Analyst, your job is to identify business risks and raise the alarm to higher along with your recommendation of a solution. Some times you get approval for immediate mitigation action, other times for whatever reason the recommendation will be overruled. Risk = Threat x Vulnerability Lets make this a scenario and say…

CISSP Certification Journey

My own three month journey ended the other day in success passing the CISSP (Certified Information System Security Professional) certification test. Thought I’d outline my study strategy as a whole, what really helped, what was a waste of time and some other tips and tricks I learned along the way. If this guide helps one…

Get new content delivered directly to your inbox.