3分钟
Automation 和 编制
Do You Need Coding 资源 on Your Security Team?
Often when security teams think about security 自动化
[http://1sna.gsens.net/fundamentals/security-自动化/], they worry they
don’t have the coding capabilities needed to create, implement, 和 maintain it.
Pulling development resources from the IT team or engineering department can
take time; backlogs are long, 和 revenue-generating projects tend to take
优先级. Another option is to hire an IT consultant, but this can be pricey 和
may not be sustainable long-term.
相反,有些时候
4分钟
Automation 和 编制
How Security 编制 和 Automation Will Unite Infosec
After working in the security industry for 15 years, one of the consistent
themes I’ve observed is how teams struggle with balancing the increasing amount
of work they have to do, without an increase in resources to accomplish their
目标. But there’s another, less obvious problem that I like to refer to as a
different kind of SaaS: “security as a silo.”
It should be no surprise that large organizations frequently struggle with silos
that create friction 和 miscommunication—barriers that get i
4分钟
Automation 和 编制
How to Securely H和le a Lost or Stolen Device: A Practical Workflow
It’s 10pm 和 you receive an email from a teammate that their laptop was stolen
在当地的社交活动上. You learn that not only was their computer
unlocked, but they were logged into their company email 和 Salesforce accounts
at the time the device was stolen.
Devices like laptops 和 phones hold a lot more value than the technology
本身. Everything from customer data to company files 和 account logins are
stored 和 easily accessible on these devices, making them easy targets for data
4分钟
Automation 和 编制
Security Career Paths: Common 和 Unique Roles
Security is one of the most in-dem和 roles today. 根据最近的数据
[http://www.csoonline.com/article/2953258/it-careers/cybersecurity-job-market-figures-2015-to-2019-indicate-severe-workforce-shortage.html]
, the dem和 for security workers is expected to grow to 6 million worldwide by
2019. So how do you get into or grow your career in security?
What makes security so interesting is the many directions you can take —
传统与否. This post will walk you through how to build
2分钟
Automation 和 编制
Why Security Teams Should Embrace (Not Fear) Automation
It’s not the coming of the apocalypse. It’s not the end of the security
职业. And it’s certainly not a bad thing. We’re talking about the rise of
自动化. As security threats become a bigger part of the day-to-day concerns
at all types of organizations, bringing in machines has become necessary to keep
up. In fact, security 自动化 can help you become even more valuable as an
员工. Being at the heart of the security orchestration 和 自动化
[http://1sna.gsens.net/solutions/s
1分钟
Kom和
Everything You Need to Know About Building a Career in Security
Are you thinking about pursuing a career in security? 或者你已经有了
started one, 和 you’re wondering what it will take to get to the next level?
Perhaps you have been in the security field for a long time, 和 it’s starting
感觉有点陈腐?
把less of where you are in your journey, we’ve put together a helpful guide
full of valuable information 和 real-world anecdotes about what it means to
pursue this dynamic 和 challenging vocation.
Free eBook: Defining Your Career Path as
3分钟
Kom和
SOC Series: How to Choose the Right Skills for Your SOC
Do you have the right mix of skills in your security operations center (SOC)
[http://1sna.gsens.net/fundamentals/security-operations-center/]? 不管你的
SOC is br和 new or has been around for years, you need to be sure it’s built to
meet the dem和s of today’s complex security l和scape.
In this post, we’ll define the most important skills any SOC should have today
so you can be sure to have the right mix of people to safeguard your business.
Effective Team 和 Communication Skills
把
3分钟
Automation 和 编制
How to Password Protect Apache 导演ies with mod_authn_dbd 和 MySQL on Ubuntu Linux
剧情简介
The mod_authn_dbd is an Apache module that provides the functionality for Apache
to authenticate 用户 with MySQL database. This module provides authentication
front-ends such as mod_auth_digest 和 mod_auth_basic to authenticate 用户 by
looking up 用户 in MySQL tables. Apache’s mod_authn_dbd supports a wide range
of drivers such as, ODBC, MSSQL, SyBase, MySQL, Oracle, PostgreSQL 和 SQLite.
This module allows execution of arbitrary SQL for user / password matching 和
也支持。
3分钟
Automation 和 编制
How To Secure Apache with Let's Encrypt on Ubuntu Linux
剧情简介
Improving your website security has generally been most complicated 和
expensive task for every Linux administrator. Let 's Encrypt是一个免费的,
automated, 和 open certificate authority that provides free X.509证书
for Transport Layer Security encryption via an automated process. 它非常。
complex process to install 和 add an SSL certificate to a web server. 你可以
make it easier with the help of Let’s Encrypt. 您可以轻松地加密数据
[http://1sna.gsens.net/fundamentals/
4分钟
Automation 和 编制
How to Secure SSH Server using Port Knocking on Ubuntu Linux
剧情简介
Port Knocking is a method used to secure your port access from unauthorised
用户. Port Knocking works by opening ports on a firewall by generating a
connection attempt on a set of prespecified closed ports. 一次正确
sequence of connection attempts is received, the firewall will open the port
这是之前关闭的. The main purpose of port knocking is to defend
yourself against port scanners. Changing your default ssh port is not a secure
method to protect your server, becaus
3分钟
Automation 和 编制
How to Secure MySQL Server on Ubuntu Linux
剧情简介
Now a day database server is very critical 和 necessary component for any
应用程序. Databases can be found in everything from web 应用程序, web
server to smartphones 和 other devices. Most of software 应用程序 rely on a
数据库来存储其数据. This is the reason why databases are the number one
任何攻击者的目标. Among all the databases MySQL 和 MariaDB has become
the world’s most popular open source database due to its fast performance, high
可靠性和eas
23分钟
Kom和
An Interview with Rebekah Brown, Co-Author of Intelligence-Driven Incident 响应
We recently interviewed Rebekah Brown for our Defender Spotlight series
[/2017/08/09/defender-spotlight-rebekah-brown-rapid7/] on the topic of her life
作为网络安全卫士. When we spoke with her, she also talked in-depth
about how threat intelligence can inform 和 improve the incident response
生命周期.
Rebekah practices these concepts in her day-to-day life as a defender, 和 she’s
even co-authored a book on this very topic called Intelligence-Driven Incident
响应[http://shop.o
3分钟
Automation 和 编制
RSA (里维斯特,沙米尔 和 Adleman)
剧情简介
里维斯特,沙米尔 & Adleman (RSA) is the public key cryptosystem. 这一现象
of data transmission is secured through it. The letters “RSA” are the initials
of the inventor of the system. Four steps are incorporated in this algorithm:
Encryption, Decryption, Key Distribution 和 Key Generation. 后
development of public-key cryptography, the most famous cryptosystem in the
世界是RSA. In order to maintain proper security, the decryption exponent of
RSA must be greater than cer
3分钟
Automation 和 编制
What is Data Encryption 标准(DES)?
剧情简介
The Data which is encrypted by symmetric key method is called Data Encryption
标准(DES). It was prepared by IBM Team in 1974 和 declared as national
1977年的标准. Government was also using cryptography, especially in
diplomatic communication 和 military. Without cryptography it’s difficult to
interpret military communication. Cryptography was also used in commercial
部门. Federal Information Processing St和ard (FIPS) was also working on DES.
FIPS was integrated with comput
4分钟
Kom和
How to Use Your Threat Model as a Guidepost for Security
The threats you face are unique to your company's size, industry, customer base,
还有很多其他因素. So your approach to protecting your
organization's digital data should be unique, too.
In this post, we’ll cover a framework to develop an effective threat model that
will fits your organization's unique needs.
The Factors that Determine Your Unique Threat Model
There are many factors that can determine your threat model. 虽然这将
vary from company to company, we've identified th