SecurityResearch-101

What is a data diode? A data diode is hardware device that is often called a "unidirectional security gateway". It is placed between two networks with different levels of security and controls the flow of information in a safe, one-way transfer of data between segmented networks. In terms of security, network data flowing through data diodes makes it impossible for an insecure or hostile network to imbibe malware or access the system. Data diodes allows data processing in real time to information management systems protecting valuable information and network infrastructure from theft, destruction, tampering, and human error, mitigating potential loss of thousands of dollars and countless hours of work. Data diode design maintains physical and electrical separation of source and destination networks, establishing a non-routable, completely closed one-way data transfer between networks eliminating external points of entry to the sending system, preventing intruders and contagio

Many people use the terms - compromise assessment and threat hunting interchangeably. For the same, well to clear it out both are different! How and in what sense, let's take a dig at: A compromise assessment is a high-level review of the organization that does not rely on a limited scope to find out if they are compromised.  Performing such assessment helps establish that if a baseline is enough apart from highlighting the risks associated with a compromise not being effectively communicated to senior/executive leadership within your organization. Coming to threat hunting , this is a more mature assessment targeted to identify objectives such as (espionage, pivoting, data exfiltration, etc.) targeting your organization. source- https://www.crowdstrike.com/cybersecurity-101/threat-hunting/ Where Does Threat Hunting Fit? Threat hunting is highly complementary to the standard process of incident detection, response, and remediation. As security technologies analyze the raw data to

Beginning with Kubernetes Hacking into - Part 1 Introduction: Hi Readers, the world of virtualization is still in a starting stage and combined with the flavor of security, it’s a very interesting thing to learn and work with. As first part of the series we will focus on a very new concept of Virtualization which centers on Kubernetes. Let’s start from the very basics. Kubernetes is a powerful open source tool developed by Google. It helps us to utilize “micro-services” or better say “containerized” applications across distributed cluster of “nodes”. The beauty of Kubernetes lies in its highly resilient infrastructure with almost zero downtime apart from its immense deployment capabilities as well as offering a host of other features along with it. In a nutshell, the main objective of Kubernetes is to obscure the complexity of managing multiple containers by introducing REST based Web services in its backend. Kubernetes’s portability factor is another add-on. You can run i

Security with Block Chain Technology: Part 3 Security by Design | Researching in Smart Contracts- Block Chain If you are a block chain enthusiast, user, miner or any person involved with the usage of block chain, you will know about Smart Contracts. For people who are new to it, let’s state in simple lines about Smart Contracts: What are smart contracts? Smart contracts are part of executable code that automatically runs on the block chain model to execute agreement presets between multiple parties involved in the transaction. Smart contracts allow the performance of credible transactions without third parties. These transactions are trackable and irreversible. Implementation relies on- Byzantine fault-tolerant  algorithms which allows digital security through decentralization to form smart contracts. Notable examples of implementation of smart contracts include the following: ·          Bitcoin   ·          Ethereum   ·          Ripple  (Codius) Why Sma