infosec - Jonsdocs

Wargaming: running incident response plan tests - part 3

Part two finished with our defenders heading in the right direction to find the simulated infection. They'll have used a combination of tools in order to get this far, likely including firewall and network logs. As a reminder, for this exercise there was a simulation running that reached out to

wargaming

Wargaming: running incident response plan tests - part 2

The time has come to run your wargame, let's look at what happens on the day itself.

wargaming

Wargaming: running incident response plan tests - part 1

Cyber exercising is important for checking how a team responds to an incident.

cyber security

The dangers of default credentials

Default credentials are useful for logging in to systems initially, but shouldn't remain in place afterwards.

hacking my old blog

Hacking my old blog: part 4, security fixes

To finish off the series, I discuss some of the mechanisms that could have been used to protect my old blog.

hacking my old blog

Hacking my old blog: part 3

The final post in the attack phase of this series.

hacking my old blog

Hacking my old blog: part 2

Let's get into the admin panel...

hacking my old blog

Hacking my old blog: part 1

A dig around my old blog to see if I can hack it.

cyber security

Dealing with low hanging fruit

Deal with the easy quick wins before you have an external testing team perform their audit.

cyber security

My CISSP experience

In early September 2020 I studied for the CISSP at an intensive six day course.

cyber security

"We have conducted a review to ensure this never happens again"

If you're going to claim to have "conducted a review" you need to make sure your response is appropriate and useful.

development

Passwords as technical debt

Passwords aren't going away...

cyber security

Dealing with Ransomware - a real life tale

Thinking clearly during a ransomware attack is key, helping to save your data.

cyber security

Permissions vs authority

A discussion of the differences between "having permissions" and "having authority".

eVitabu

Why we chose OAuth for eVitabu

User authentication is an important consideration when designing any system. Here's how we decided to use OAuth for eVitabu.

conference

Towards a safe and secure smart world (conference)

A summary of my key take aways from January's conference.

cyber security

Learning from cyber attacks

Cyber attacks are a regular occurrence, and it's important that we learn from them.

cyber security

Reusing paper - good for the environment, risky for privacy

It's important to review the paper you re-use to avoid leaking confidential information.

cyber security

Delegated trust vs Web of Trust

The difference between the web of trust and delegating your trust to a third party.

cyber security

Password cracking and how it can help your organisation

Password cracking can be an invaluable tool when it comes to checking your organisation's password hygiene.

cyber security

What is a Next Generation firewall?

A look at Next Generation firewalls and the extra services they often provide.

cyber security

Kent Cyber Security Forum 2019

A short write up following the Kent Cyber Security Forum 2019.

ethics

A question of ethics: disclosing security vulnerabilities

When you've found a vulnerability, bug or data leak how do you report it? This post looks at the considerations for disclosure.

ethics

A question of ethics: investigating users

Thoughts on being fair and considerate when investigating others.

System administration

Logging: getting the right balance

Logging: what's too much? Is there too little? How long should I keep them? This post discusses factors to consider when configuring logging.