Posts

Showing posts from January 17, 2021

Demystifying Zero trust architecture

1. Introduction to zero trust: An increasingly popular buzzword in the world of information security, Zero Trust Architecture refers to the “defense in depth” approach of implementing security concepts that removes the automatic trust placed in actors and devices integrated into the network. Zero trust architecture provides a thorough end-to-end approach to enterprise resource and data security controls, interwoven around identity (person and non-person entities), credentials, access management, operations, endpoints, hosting environments, and the interconnecting infrastructure. Zero trust ultimately leads to verifying every single component trying to connect to the system before granting access. Relying on fine-grained methods such as micro-segmentation and granular perimeter enforcement based on users, zero trust helps govern decisions such as whether to trust a user, machine or application that is requesting access to a part of the enterprise network. Zero Trust leverage

Digital Wallets Security

Introduction to digital wallets
A digital wallet, also referred to as an "e-Wallet", allows people to perform electronic transactions without the need to have physical cards. Not only does it allow payments and transactions to be performed, but it is also handy for storing other identity documents such as loyalty card(s) within the wallet. It also eliminates the need to carry multiple physical cards. Now that we have understood the meaning of digital wallets in simple words, let us understand how digital wallet transactions work.
Steps of a digital wallet transaction being performed
To use a digital wallet, the user needs to open the wallet application on mobile. To do this, users can use facial recognition, fingerprint identification, or PIN codes (based on the phone model and the configuration).
After unlocking the application, the user next selects the stored payment method for use, as digital wallets allow multiple cards to be stored.
There can be two types of transactions for digital wallet

Threat intelligence overview - Threat Intel Series Part-1

TLDR: Threat intelligence is on its way to becoming a must-have capability for every organization. It will not only help protect the firm but also keep it aware of constant threats and of the plan to safeguard against them. Threat intelligence overview: As defined by Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications, and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject's response to that menace or hazard. This curated information helps a firm make better decisions about how to defend itself and its business from cyber-based threats. Threat intelligence can help identify and analyze different cyber threats relevant to your organization. The best approach is to use specialized threat intelligence tools to capture and digest feeds and thereafter analyze them via existing knowledge to know if a threat is real and the applicable acti

Network forensics overview

Introduction
Network forensics, in a nutshell, is the set of combined activities of capturing, recording, and analyzing network packets in order to determine the source of attacks.
Steps of network forensic examinations
· Identification
· Preservation
· Collection
· Examination
· Analysis
· Presentation
· Incident Response
Types of analysis performed on network level:
· Data-link and physical layer (Ethernet): Analysis is performed by eavesdropping on bitstreams at the Ethernet layer of the OSI model. Monitoring tools or network sniffers such as Wireshark or Tcpdump are used. These help to capture traffic data from a network card interface configured in promiscuous mode.
· Transport and network layer (TCP/IP): The network layer provides router information from the routing table as well as log evidence. These help a great deal in providing information on compromised packets, identifying sources