Incident response process
There’s been a security incident in your organization. What do you do? Panic? No ;)! You follow an incident response process. In this article, we’re…
Tag: Cybersecurity 101
Request forgeries (CSRF, XSRF, SSRF)
In 2020, CheckPoint Research announced multiple vulnerabilities in the popular social media application named TikTok. One of the found vulnerabilities allowed an attacker to delete…
Directory / Path Traversal
Just like you have directories on your PC, laptop, and mobile phones, web servers also have directories. For example, if you were to purchase web…
Proxy Servers
Proxy servers are a topic that you can expect to get quizzed on in the CompTIA Security+ exam. To make sure you can answer questions…
Important pentesting concepts for the Security+
You’ve been running vulnerability scans on a regular basis, you’ve expanded that into a broader vulnerability assessment approach, and you’ve been fixing everything that’s been…
Authentication Protocols (802.1X, EAP/PEAP, EAP-FAST/TLS/TTLS, and RADIUS)
Let’s talk about network authentication protocols that we can use and that we need to know for the CompTIA Security+ exam. We’re going to discuss:…
Biometrics techniques and concepts for authentication
We talked about how biometrics can be used for multifactor authentication in order to verify someone’s identity. Biometric authentication refers to something you are (as…
Multifactor authentication (MFA) factors and attributes
Password-based authentication has been proven time and time again to be a vulnerable form of authentication. One of the best defenses is using Multifactor Authentication,…
What is Two-Factor Authentication (2FA)?
Passwords are hard. Most of us use passwords of varying length and complexity. That’s mainly to fulfill the requirements offered by every single site that…
Password managers: should you use them?
What’s the point of password managers anyway? Let’s take a look at a scenario that we’re all familiar with… The scenario: We all have this…