Press "Enter" to skip to content

Posts published in “Security”

Find Real IP of a Website Behind CDN

johnyan 0

There are more and more websites using CDN (Content Delivery Network) to help deliver their contents to end users. It is faster, safer and more reliable. At the same time, CDN such as cloudflare company hides your real ip behind their public ip. Is there a way we can bypassing CDN and find out those websites’ real ip addresses.

Cyber Security TRA (Threat and Risk Assessment) Resources Research

johnyan 0

What is Risk: Risk = Threat x Vulnerability x Asset The enterprise risk assessment and enterprise risk management processes comprise the heart of the information security framework. These are the processes that establish the rules and guidelines of the security policy while transforming the objectives of an information security framework into specific plans for the implementation of key controls and…

PFsense Configuration with Topology and Screenshots

johnyan 0

pfSense is an open source routing and firewall software that is based on the FreeBSD distribution. The basic features including: pfSense Home Topology Static/default/dynamic routing Stateful firewall Network Address Translation (NAT) Virtual Private Networks (VPN) Dynamic Host Configuration Protocol (DHCP) Domain Name System (DNS) Load balancing and so on.  With many supported add-on packages, other advanced features including: Snort (for…

Proofpoint Wombat Security Education Platform Usage – Create Training Assignment

johnyan 0

Gartner has named Proofpoint (Wombat Security) a Leader in Security Awareness Computer-Based Training for a couple of years as far as I could find. There are many functions and features I like, but one thing I specially liked is how easy you can setup a training just with a couple of clicks and some basic information entered. The templates from…

Threat Hunting Tools

johnyan 0

Here are some collections from Internet about Threat Hunting tools, information and resources. 1. Kansa GitHub – Davehull/Kansa http://trustedsignal.blogspot.com/search/label/Kansa http://www.powershellmagazine.com/2014/07/18/kansa-a-powershell-based-incident-response-framework/ Kansa: A PowerShell-based incident response framework

Proofpoint Wombat Security Awareness Training – Phishing Campaign Step by Step

johnyan 0

Wombat ThreatSim® Phishing Simulations are an excellent addition to any security awareness training program, particularly those focused on fighting phishing attacks. Wombat ThreatSim Phishing Simulations serivce has SaaS-based interface which makes it easy to deliver simulated phishing emails and customizable Teachable Moments, which display targeted “just-in-time teaching” messages to individuals who fall for a phishing test.ThreatSim’s customizable email templates address…

Gartner Magic Quadrant for Enterprise Network Firewall (2018,2017,2016,2015,2014,2013,2011,2010)

john 0

Based on Gartner’s definition, the enterprise network firewall ” is composed primarily of purpose-built appliances for securing enterprise corporate networks. Products must be able to support single-enterprise firewall deployments and large and/or complex deployments, including branch offices, multitiered demilitarized zones (DMZs) and, increasingly, the option to include virtual versions for the data center. Customers should also have the option to…

Gartner Magic Quadrant for Unified Threat Management (2018,2017,2016,2015,2014,2013,2012,…)

john 0

Gartner defines the unified threat management (UTM) market as multifunction network security products used by small or midsize businesses (SMBs) (< 1000 employees). 2018 Gartner Magic Quadrant for Unified Threat Management Report For leaders quadrant, no changes since 2015. Fortinet, Check Point and Sophos are in there.

Gartner Magic Quadrant for Access Management (2017,2016,2015 )

johnyan 0

Today’s businesses require secure 24/7 access to their cloud applications and data, and require more than Web Single Sign-On to propel their business forward. The world has changed, allowing an almost infinite number of identities and accounts on different platforms and devices including cloud, mobile, social, and personal networks. Having an identity and access management strategy in place is more…