Pre-RCA and Post-RCA refer to two different phases of the root cause analysis (RCA) process. Pre-RCA This phase involves activities and steps taken before conducting the actual root cause analysis. It focuses on gathering information, preparing for the analysis, and setting the stage for a successful investigation. Some common activities in the Pre-RCA phase include:… Continue reading Root Cause Analysis
New protocols are being invented and applied rapidly. The basics remain the same at the foundation level. A good understanding of these unchanged numbering mechanisms is mandatory to analyse various aspects of information security functions, including monitoring, forensics, malware analysis and so on. Binary Protocol Structures Binary protocols work at the binary machine level; the smallest unit of data… Continue reading Network Protocol Structures : Numbering
Routing Traffic IP is a routed protocol; that is, none of the nodes on the network need to know the exact location of any other nodes. Instead, when one node wants to send traffic to another node that it isn’t directly connected to, it sends the traffic to a gateway node, which forwards the traffic… Continue reading Routing Network Traffic : For Traffic Capture
TCP/IP is the de facto protocol that modern networks use. Although you can think of TCP/IP as a single protocol, it’s actually a combination of two protocols: the Transmission Control Protocol (TCP) and the Internet Protocol (IP). These two protocols form part of the Internet Protocol Suite (IPS), a conceptual model of how network protocols send… Continue reading What is IPS – Internet Protocol Suite?
Maintaining session state Protocols typically implement mechanisms to create new connections and terminate existing connections. Identifying nodes through addressing Data must be transmitted to the correct node on a network. Some protocols implement an addressing mechanism to identify specific nodes or groups of nodes. Controlling flow The amount of data transferred across a network is… Continue reading What are Functions of Protocol?
How often do we develop poorly but try to secure the application at the perimeter level? Is this even possible? Regardless of the methodology applied for the SDLC, there are certain things the team must focus on to enforce cyber security. Whether you are on Agile, Waterfall or CI/CD, these “things” must not e… Continue reading Application Security – Missed Plots Redefined – BSIMM
Install and configure network components, both hardware and software-based, to support organizational security. Firewall / UTM NIDS / NIPS VPN Concentrator Firewalls Isolate one network from another A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules… Continue reading Network Technologies and Tools
Install and configure network components, both hardware and software-based, to support organizational security. Router Switch Bridge Proxy Load Balancer Firewall NIDS / NIPS VPN Concentrator Wireless Access Points SIEM DLP NAC SSL / TLS accelerators Mail / Media Gateway Hardware Security Models Router Connects computer networks Operate at Layer 3 (Network Layer) Stores information about network… Continue reading Network Components
A network is a way to get “stuff” between 2 or more “things” Goal: Basic understanding of common modern networking technology and terminology Examples: Analog: ‘Snail’ Mail, phone system, conversations, railroad system, highways and roads. Digital: Routers & switches, clients & servers Applications: Email/Messaging, Database, Web Protocol Concepts Protocols are sets of rules. What do… Continue reading What is a Network?