Cyber for all - Page 4
This blog is a windows on a complex world. An overlook to the universe of technology which drives our daily life, using a divulgative and enjoyable perspective
OWASP SAMM: Assessing and Improving Enterprise Software Security
OWASP SAMM is a model that helps companies assess their software security posture and implement a strategy to optimize it The Lace Tempest ransomware group, notorious for using Cl0[...]
Read more
The 4 keys to the NIST Cybersecurity Framework v2
NIST Cybersecurity Framework v2 focuses on the importance of governance and supply chain in reducing security risks At the speed of the world moving today, enormous transformations[...]
Read more
DevSecOps: Producing software quickly, continuously, and securely
DevSecOps is a model that enables software development companies to integrate security throughout the software lifecycle When do software applications need to be secured? The answe[...]
Read more
SSVC: How to make decisions about IT vulnerabilities
SSVC is a system that helps to analyze vulnerabilities to make decisions that prevent security incidents and contain their consequences The BBC, British Airways, the US Department [...]
Read more
What are advanced persistent threats?
Advanced persistent threat groups seek to access critical information and destabilize companies in critical sectors and public administrations The era of the cautious and silent sp[...]
Read more
OWASP API Security Top 10
The OWASP API Security Top 10 highlights the top vulnerabilities in application programming interfaces Few acronyms are more relevant to explain the digitization of our world than [...]
Read more
Detecting emerging vulnerabilities before they are exploited
Companies must detect emerging vulnerabilities affecting their assets and anticipate the actions of cybercriminals In May, Barracuda, a company specializing in security solutions f[...]
Read more
MITRE ATT&CK: What tactics and techniques are cybercriminals employing?
MITRE ATT&CK is a framework that systematizes hostile actors’ tactics, techniques, and procedures If the Allies succeeded in carrying out a massive landing like Normandy,[...]
Read more
OWASP Top 10 Privacy Risks
OWASP Top 10 Privacy Risks serves as a guide to comprehensive data privacy management and securing data against criminals At the end of April, the Spanish Data Protection Agency (A[...]
Read more
Why does your company need ransomware simulations?
Red Team services can perform ransomware simulations to test whether an organization is prepared to withstand a ransomware attack The exploitation of a zero-day vulnerability, supp[...]
Read more