A Simplified TRA (Threat and Risk Assessment) Example
Still Under Writing… A Threat and Risk Assessment analyzes a software or hardware system for vulnerabilities, examines potential threats associated with those vulnerabilities, and evaluates the resulting security risks. A…
IBM Guardium Studying Notes
Accessmgr account unlock / reset: Log in to the CLI and run the following command: support reset-password accessmgr<N>|random. You can use <N> or random where <N> is a number in…
Palo Alto UserID Agent Configure Steps
One of the challenges in configuring firewall policies is the fact that they rely on IP addresses and IP subnets rather than users or user groups. In particular for next…
SIEM System Use Cases
Working on LogRhythm – Cloud SIEM project. LogRhythm’s SIEM solution combines enterprise log management, security analytics, user entity and behavioral analytics (UEBA), network traffic and behavioral analytics (NTBA) and security…
Palo Alto Firewall Migration Plan Tasks List
This is a simple breakdown of a complicated firewall migration plan. It can be used to plan a migration from existing firewalls to a new Palo Alto firewall. The tasks should be modified…
Enable CyberArk File Copy / Paste Function Between PSM RDP Sessions
Enable Copy/Paste Function Between PSM RDP Sessions: By default, the settings disable this function. You will not be able to copy/paste between PSM RDP sessions, although SSH sessions…
Symantec Endpoint Detection & Response (EDR) Notes
Symantec EDR (Endpoint Detection & Response, previously ATP – Advanced Threat Protection) exposes advanced attacks with precision machine learning and global threat intelligence, minimizing false positives, and helps ensure high…
Vulnerability: SSL/TLS use of weak RC4(Arcfour) cipher port 3389/tcp over SSL
Recently, during a vulnerability scan, an RC4 cipher was found in use on the SSL/TLS connection at port 3389. The solution in the Qualys report does not make clear how to fix it.…
The rocket-fast Syslog Server – Rsyslog Client and Server Configuration
Rsyslog is an Open Source logging program, which is the most popular logging mechanism in a huge number of Linux distributions. It’s also the default logging service in CentOS 7…
Benchmark Linux Disk Read/Write Speed
hdparm is a command line utility to set and view hardware parameters of hard disk drives. It can also be used as a simple benchmarking tool. Install hdparm CentOS #…
NIST CSF Core Notes
NIST Framework Components: The Cybersecurity Framework consists of three main components: The Framework Core provides a set of desired cybersecurity activities and outcomes using common language that is easy to…
Gartner Magic Quadrant for Endpoint Protection Platforms (2019,2018,2017,2016,2015)
Research firm Gartner defines the Endpoint Protection Platform (EPP) market as one with offerings that “provide a collection of security capabilities to protect PCs, smartphones and tablets,” which it said…