Tag: access management

Tag: access management

Use Defensive Cybersecurity to Mitigate Cyber attack
July 28, 2021 Cyber defense, cybersecurity, Online security, System security admin

Wired.com reported that the Kaseya was warned by the Dutch Institute for Vulnerability Disclosure that there was a potential vulnerability in its system. In this case, Kaseya did not ignore the warning, but Kaseya did not move first to patch up the exposure. The impact of this attack on Kaseya is enormous because it is

Read More
Gathering Penetration Testing Intelligence from Network and Application Platform Configuration
June 1, 2021 Cyber defense, cybersecurity, Elearning, Online security, Penetration testing, Pentest, System security, Web frameworks admin

Network configuration refers to the process of setting a network’s controls, flow, and operation to support the network infrastructure of an organization or for an individual owner. Components of a computing network include Internet/network protocols, software or application, firewall, routers, and others that perform related tasks. Most network configurations are designed to meet communication objectives.

Read More
How to Use Robots.txt File to Gather Intelligence for Penetration Testing
April 27, 2021 Cyber defense, cybersecurity, Online security, Penetration testing, Pentest, System security admin

In the head section of web documents, there is meta-information used to describe the page, including helping search engines categorize the page. The meta-information that is of utmost importance to the discussion is the meta information for robots that refers to the robots.txt file. What is the robot.txt file? The roborts.txt is a file that

Read More
Gathering Information for Penetration Testing Using Search Engines Discovery and OWASP ZAP
April 20, 2021 Cyber defense, cybersecurity, Online security, Penetration testing, System security admin

Using a search engine discovery is another great option for gathering intelligence about a penetration testing target. A search engine query can be direct or indirect. The direct method is where the search engine can be sued to dig into the indexes and contents from caches. The indirect method is where sensitive information such as

Read More
Selection of Tools for Penetration Testing
June 30, 2020 Elearning, Online security admin

There are several types of tools for penetration testing. The number of available tools is so many that it will be practically impossible to learn all of them. Using the wrong set of tools can be a problem because the pen tester would have wasted so much time trying to gather the wrong information. As

Read More
Planning for Penetration Testing
June 23, 2020 Elearning, Online security admin

In the last episode, I described the need to test your systems to assess if it has any vulnerability, and then use the report to fix up and patch the crucial areas of importance. Penetration testing is also referred to as ethical hacking. Though both refer to the same concept, there is a difference between

Read More
Penetration Testing as a Cybersecurity Survival Technique
June 5, 2020 Elearning, Online security admin

It does not matter how strong you made your security controls and policies, if you have tested to see if it can withstand the doom day attack, then you need to think again. You may need to find out if it meets your expectation or other industry standards. Penetration testing can be considered as an

Read More
Security Challenges in Elearning Systems
May 20, 2020 Challenges of Elearning, Challenges of Remote Work, Online security admin

As eLearning is emerging as a good alternative for leaning in situations where learners and instructors cannot meet in a physical location, the need to ensure confidentiality, integrity, and availability of eLearning systems are growing just as the demand for eLearning is growing. Elearning depends on the internet and its availability and suffers the same

Read More