Word of the week “Cyber Security Month – October 2019” Link HERE Word of the week special “If HttpOnly You Could Still CSRF… Of CORS you can!” Before we get into the meat and potatoes of this post, we need to take a look at a couple of concepts in appsec. The first one deals….
Word of the week “Identity is the new perimeter” “I have a dream” not quoting Martin Luther King or ABBA for that matter but most CIO’s or CTO’s in this case. Is there a position to discuss the Cloud Access Security Broker, the positioning of the firewall inspecting outbound traffic as well as the position….
Word of the week “WAF-on much better than WAF-off” Thanks to JuanMi Report: Most Organizations Are Dissatisfied With Their Web Application Firewalls (WAFs) HERE Intro to WAFs HERE Trends for WAFs HERE and the Cost of Web Attacks HERE WAF Market – Key Drivers HERE Word of the week special “We’re just asking – what’s….
Word of the week Remember: “Freedom within a Framework” … Links HERE and HERE and HERE Word of the week special “Persistent engagement” The head of the National Security Agency, Army Gen. Paul Nakasone, has a catchphrase: “persistent engagement.” This covers a broad spectrum of cyber activities at the nation’s largest spy agency. But at….
Word of the week “Lateral movement” Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. Reaching their objective often involves pivoting through multiple systems and accounts….