Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyphere

Penetration testing methodologies, frameworks & tools

There is no doubt how regular penetration tests are an essential part of the vulnerability management process to reduce risks. It is important to ensure penetration tests are efficient and to do so, the use of correct penetration testing methodologies is an essential component. A methodology in this context defines the logic using which various test cases are carried out to assess an asset’s security. Let’s start with the basics first and then move on to the topic.

How to perform a cyber security risk assessment? Step by step guide.

Taking cyber security risk assessment out of the equation, risk assessments are nothing new to the world. Industries such as nuclear, aerospace, oil, agriculture, military and railroad have long-established processes to deal with risk. Continuous risk assessments are performed by food, medical, hospital sectors to control risks affecting their environments.

What is symmetric and asymmetric encryption? Examples & Use cases (including top mistakes)

Encryption is the process of converting plaintext data into an alternative form known as ciphertext. However, only authorised users can decipher the ciphertext back into clear-text to access the information. There are two types of encryption in widespread use, i.e. symmetric and asymmetric encryption. These names symbolise whether the same key can be used for encryption and decryption processes. These two terms: Encryption and cryptography, are often used interchangeably.

Host-based Intrusion Detection System - Overview and HIDS vs NIDS

Although a business appears to make every effort to protect its assets, there is still no security guarantee. Hackers being fully aware of this uncertainty, tend to take complete advantage by tricking users or bypassing restrictions of the technology products in use, allowing them to acquire complete access. Such perils have given rise to the necessity of having a proactive approach towards cyber security to identify, prepare and respond to events.

Role of security in SaaS | SaaS Security Checklist

Software as a Service, also known as SaaS, is a cloud-based service model where a subscriber uses the software via an internet browser. This software could be anything from a simple application such as MS Word to complex business applications such as SAP. All the software tech stack or backend components are located on external servers maintained by the SaaS provider. Before diving into security in SaaS applications, let’s go through basics.

Sensitive Data and Examples | GDPR Personal Data

This is your go-to reference for examples of sensitive data, definition and GDPR personal data including how to identify, classify and protect sensitive data. Highlights It is now easy to access information relating to an individual from the north pole to the south pole with a fast-moving world. You have ever wondered how your personal information is protected or even handled?

What is PCI Compliance? Requirements, Maintenance and Fines

PCI is an information security standard for organisations that handle credit card transactions. It includes any entity that processes, stores or transmits credit card information. This standard is mandated by major credit card companies – Visa, Mastercard, and American Express – and administered by Payment Card Industry Security Standards Council (PCI SSC).

What is Access Control? Key data security component

Access control is unarguably one of the essential aspects of information security. It is the means or method by which your business or any entity or organisation of interest can deny access to an object to subjects or entities not permitted specific access rights. Access control provides an organisational means to limit and control access permission to and by end-users and other interested entities to grant only approved and adequate access.

Penetration Testing vs Vulnerability Scanning

Vulnerability scans and penetration test are often used interchangeably. Unfortunately, it is the improper use that creates confusions, sometimes around security decisions too. This article shal help the reader with these terms: penetration testing vs vulnerability scanning, their project inputs, outputs, security health indicators and decision making factors.