Tag: Infosec

• Influencing ingress BGP routing using communities and local preference

  Posted on October 19, 2021, Level advanced Resource Length long

  Border Gateway Protocol (BGP) is an enormous protocol with a nearly endless list of features, knobs and capabilities. BGP's mechanism for choosing the best path is complex but also well known. You should brush up on that algorithm if you're out of practice. By Nicholas Russo.

  ---

  Tags infosec servers linux devops cio

• SSH tunneling explained

  Posted on October 18, 2021, Level beginner Resource Length medium

  In this post author will cover different tunneling features as supported by OpenSSH, which helps achieve security use cases such as remote web service access without exposing port on the internet, accessing server behind NAT, exposing local port to the internet. OpenSSH is the most widely used open-source SSH server. It comes pre-installed by default with the vast majority of Linux distributions. By Sakshyam Shah.

  ---

  Tags infosec servers open-source linux app-development

• The state of security operations: How SOCs changed in 2021

  Posted on October 17, 2021, Level beginner Resource Length medium

  Security operations has seen non-stop evolution and growth for many years, but the past 18 months has been particularly impactful on security operations teams. In addition to the drastic transformation brought on by the COVID-19 pandemic, there have also been some significant breaches that have shifted perspectives and highlighted some key areas of concern. By pwheiler.

  ---

  Tags cio learning infosec miscellaneous

• AWS WAF and CloudFront: How to use them together

  Posted on October 5, 2021, Level intermediate Resource Length medium

  Using AWS CloudFront and AWS WAF together, you can add some security to your sites with less work and focus on making features for your users. By Peter Grainger.

  ---

  Tags devops how-to aws infosec cloud

• 12 critical resources to help you learn DevSecOps

  Posted on October 3, 2021, Level intermediate Resource Length short

  Whether you are a seasoned DevOps engineer who wants to branch out to DevSecOps, or you're just starting your career and defining your direction, there has perhaps never been a better time to enter the DevSecOps career field or learn about cloud native security. By Maor Goldberg.

  ---

  Tags learning devops infosec containers

• Authenticated boot and disk encryption on Linux

  Posted on September 28, 2021, Level advanced Resource Length long

  Linux has been supporting Full Disk Encryption (FDE) and technologies such as UEFI SecureBoot and TPMs for a long time. However, the way they are set up by most distributions is not as secure as they should be, and in some ways quite frankly weird. In fact, right now, your data is probably more secure if stored on current ChromeOS, Android, Windows or MacOS devices, than it is on typical Linux distributions. By Pid Eins.

  ---

  Tags linux software how-to infosec

• How to create a self-signed SSL certificate for Nginx in Ubuntu 20.04

  Posted on September 24, 2021, Level intermediate Resource Length long

  TLS, or transport layer security, and its predecessor SSL, which stands for secure sockets layer, are web protocols used to protect and encrypt traffic over a computer network. By Brian Boucheron and Jeanelle Horcasitas.

  ---

  Tags nginx servers infosec linux ssl app-development

• Top 4 cloud native application architecture principles

  Posted on September 12, 2021, Level beginner Resource Length short

  Cloud Native Applications are independent services, collectively but loosely coupled. Cloud native development is an approach to build quality apps. It is efficient as Cloud native development focuses on architecture's modularity. We need DevOps, Microservices and Containers for cloud native. By AnAr Corporate.

  ---

  Tags cloud infosec app-development software-architecture

• Top 10 common types of network security attacks explained

  Posted on September 10, 2021, Level beginner Resource Length medium

  Network security attacks have gained momentum over the past years, which highlights the need for network defenders. Learn more about network security attacks and their types. By CISOMAG.

  ---

  Tags cloud infosec devops cio app-development

• Introduction to OWASP top 10 2021

  Posted on September 9, 2021, Level beginner Resource Length medium

  Welcome to the latest installment of the OWASP Top 10! The OWASP Top 10 2021 is all-new, with a new graphic design and an available one-page infographic you can print or obtain from our home page. By @owasp.

  ---

  Tags cloud infosec devops cio app-development

• Administrator's guide: What makes passwordless, dare we say it, phish-proof?

  Posted on August 31, 2021, Level beginner Resource Length medium

  In some ways, the term "passwordless" is a misnomer. Yes, it's a password-less authentication method, greatly streamlining the login experience, and while that's a great incentive to use passwordless for logging in, it's not an improvement in authentication security in and of itself. By Jeremy Erickson.

  ---

  Tags app-development cloud infosec devops web-development

• Microsoft, Google to invest $30 billion in cybersecurity over next 5 years

  Posted on August 26, 2021, Level beginner Resource Length short

  Google and Microsoft said they are pledging to invest a total of $30 billion in cybersecurity advancements over the next five years, as the U.S. government partners with private sector companies to address threats facing the country in the wake of a string of sophisticated malicious cyber activity targeting critical infrastructure, laying bare the risks to data, organizations, and governments worldwide. Ravie Lakshmanan.

  ---

  Tags miscellaneous ssl google azure infosec cio

• ← Newer Posts
• Older Posts →