Categorie: Security

Egress filtering: you need it!

Egress filtering: you need it!

Security in IT utilises the concept of “assume that you have been breached”. This means that applications and their related infrastructure should be setup in such a way that the impact of a real breach is minimised by making life difficult once an attacker has broken through the defences. Earlier, enablement of infrastructure had months …

+ Read More

Why we ‘shift-left’ with SecDevOps

Why we ‘shift-left’ with SecDevOps

Why we ‘shift-left’ with SecDevOps How safe is my bank? With cybercrime on the rise, financial consumers are – rightfully – concerned about the security systems of the organizations they put their trust in. The way we build our core banking systems should reflect these concerns. In fact: we should always strive to be named …

+ Read More

DevSecOops – Stories of DevSecOps Failures and Success

DevSecOops – Stories of DevSecOps Failures and Success

A presentation by Abhay Bhargav on improving application security, making a ‘shift-left’ possible, by supporting developers with security expertise and integrated services. Security engineering, decentralising security, Secure API design, story-driven agile threat models, celebrating failures and more. You can find it here: https://speakerdeck.com/abhaybhargav/devsecoops-stories-of-devsecops-failures-and-success

DNS Wars, really?

DNS Wars, really?

The golden rule: keep the DNS server that you are interrogating daily as close to you as possible (in your home or office, if you can; if not, at your local ISP). A very nice keynote on DNS Wars, take a look:

Google’s Zero Trust Network approach

Google’s Zero Trust Network approach

It’s all about security, but also about access. Google has adopted a new model for their security. No longer do they choose for perimeter security, they implement security throughout their network. Do not trust your network. It is probably already owned! You can read more about it here: https://thenewstack.io/how-to-start-applying-googles-zero-trust-model/

Meltdown and Spectre Linux Kernel Status

Meltdown and Spectre Linux Kernel Status

Intel says its security updates will make 90% of modern PCs and phones IMMUNE to bugs that could expose billions of people’s private data to criminals (but experts warn the flaws are ‘unfixable’) A great read on the Meltdown and Spectre security flaws. Through the Linux Kernel Monkey Log. Some more explanation on the topic: …

+ Read More