IT is a huge field that requires a wide set of knowledge in several areas. When you work in server administration or network administration, you will likely start off in a general IT position that lets you get your feet wet with new technology. IT administration is about handling […]
With most businesses moving to the cloud, web developers are in high demand. Web developers are the programmers who create web pages and web apps that drive business processes whether for end users or internal business users. Web development usually involves writing programs for browsers but you might find […]
Chief Technology Officers (CTOs) command the highest salaries, because they usually lead the entire IT support and development team. A CTO usually has a background in IT, but manages each team within the department to ensure that all operations run smoothly.
Prerequisites: How to Excel to […]
The world of mobile is taking over desktop applications, and mobile development and people who understand mobile design and architecture are in demand. Mobile development involves designing apps that are based around mobile devices such as tablets and smartphones and software development for mobile operating systems such as Android […]
Vulnerability management has become a huge challenge in today’s malicious cyberspace. SQL Injections, Cross Site Scripting and DDoS Attacks are arguably the most commonly exploited vulnerabilities, constantly appearing in OWASP research reports. Injection flaws took the first place in the 2013 OWASP Top-10.
SQL Injections (SQLi)
SQL Injections are basically unsanitized […]
You heard right, the InfoSec Institute is adding several new training programs to our award winning lineup of courses. Whether you want to master a new application, improve your web dev skills or dive into relational databases, we’ve got you covered.
Check out our new category pages where you can see […]
As we become more dependent on technology, the proper security of our data is more important than ever before. It’s no surprise that the demand for competent IT auditors is at an all-time high. The need for enterprises to evaluate the processes and policies they use to […]
Over the numerous configuration reviews and pentest engagements that we have performed for our clients, we’ve observed a common pattern in the configuration weaknesses in Linux systems. We believe reviewing these common weaknesses and taking them into consideration may save a lot of time and resources, and more importantly help system administrators […]
By Chris Clymer, SecureState Advisory Manager and Kerstyn Clover, SecureState Consultant
If there’s one constant for security practitioners across virtually all organizations regardless of size, industry, or location, it is compliance. PCI, HIPAA, GLBA, EU Safeharbor, NERC/CIP, state laws, client contracts: whatever business you’re in, chances are there is at […]
Today’s cyberspace has become a dangerous place for individuals and businesses. Vulnerabilities are exploited using sophisticated malware and complex hacking techniques. This is why Security Testing is needed in every software development life-cycle (SDLC). Enter Source Code Analysis (SCA).
SCA is the most comprehensive and efficient way to locate loopholes […]
A business continuity plan consists of a few steps:
Business Impact Analysis (BIA)
This involves determining the operational and financial impact of a potential disaster or disruption, including loss of sales, credibility, compliance fines, legal fees, PR management, etc.
It also includes measuring the amount of financial/operational damage depending on the […]
It is hard to accept that nowadays, organizations get along without having an astute and decisive information system. Providing a reliable and coherent information system requires a solid security framework that ensures confidentiality, integrity, availability, and authenticity of the critical organizational assets.
Information Security Management System (ISMS) defines to setup […]
Passionate about security & learning?
We are hiring an Information Technology Instructor for our online courses
Under general supervision, plans and implements curriculum and educational programs for students within the online training program, as well as occasionally serving as a backup ILT instructor.
Supports students in online courses with webinars, direct answers to […]
Finding a proven pattern to find defects early in your cycle saves not just money but also the time required to patch those defects. Threat modeling is a tested and proven method to meet this objective. This procedure evaluates the vulnerabilities that can potentially exist in a target under […]
This article follows my earlier one: “Secure Software Development Life Cycle” (from now on referenced as S-SDLC), being one Implementation of the S-SDLC program. I have covered the basics of S-SDLC in my previous article – and I recommend readers to go through it if you have not already […]
In recent decades, cyberspace has grown to impact nearly every aspect of human existence. It is increasingly relied upon by citizens and policy-makers, as well as the military and federal agencies. Despite these facts, the importance of securing cyberspace is often overlooked. It is widely accepted that hackers, criminals, […]
Email is still, to this day, the most used method of online communication. Even though many people predicted email would eventually get replaced by instant messaging or video chat software, the fact remains that email is simple to use, works everywhere thanks to the standardization of the SMTP protocol, […]
I have written a lot about building flexible Agile teams and their usual shortcomings. However, there is a river of information behind it and improving our knowledge of building patch-functional teams is worthwhile. This type of team has all the skills that are needed, so that we can provide […]
Over the past ten years, there has been a steady increase in the number of generic top-level domain names (gTLD). As a result, people can currently register various gTLDs such as .asia, .pro, .tel, or even .xxx. In the near future, even more gTLDs will be available for registration. […]
There has been a lot of talk about how to connect your laptop through the Android network and use the bandwidth that you’re already paying for. Usually, this requires setting up an access point on an Android device and connecting to it with the laptop. On some devices you […]