0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Implementing The FSSCC & NIST CSF Cybersecurity Risk And Maturity Assessment
By: S.E. Williams, MDI, MS, Cybersecurity
February 15, 2021

Background The Federal Financial Institutions Examination Council (FFIEC) is an official partnership of financial inter-agency regulatory organizations. An example of the FFIEC members includes, but is not limited to, the Federal Reserve System (FRB), the Nation Credit Union Administration (NCUA), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC). 1 ...

How To Learn Information Technology Skills
By: Hiroshi Keing
February 12, 2021

What are IT skills? The first step is understanding what skills are needed before finding which part we are going to learn. Information Technology skills are sets of abilities that allow us to carry everyday activities using computers, software, Smart devices such as smartphones & tablets, and more. Trinity College of San Sebastián’s definition of technology skills is: “To develop abilities to ...

Business Continuity Planning During The COVID-19 Pandemic
By: Nihad Hassan
February 11, 2021

The element of surprise is often part of an attacker's strategy; therefore, it is not uncommon for a disastrous attack to occur without any warning. For example, it is difficult to predict ransomware or an APT attack. Most incidents are unique, and the organizations must have the proper plans to recover quickly, minimizing downtime. Without a contingency plan, surviving from ...

Unpacking the Interview: Cybersecurity Incident Handler
By: Cami Ragano
February 11, 2021

Unpacking the Interview: Cybersecurity Incident Handler Hacking happens. As techniques evolve and malicious actors look for new ways to compromise corporate systems, it's a matter of "when" — not "if" — companies experience a serious security incident. To help mitigate the impact and reduce the risk of potential future compromise[1], many companies turn to cybersecurity incident handlers. These IT professionals are ...

How To Survive Cybersecurity Breaches/Incidents
By: Happi Yvan
February 10, 2021

In an era where technology is invading almost every area of our lives, professional to personal, the amount of data collected by companies and organizations of all sizes is alarming. Humans have become intertwined with technology; from software to hardware, holdable to wearables to insertables, technology is all but inextricable. They, however, do all have one thing ...

Penetration Testing and Ethical Hacking Course Review
By: Prasanna Peshkar
February 9, 2021

With the world turning into one small connected city because of the internet and the fact that most of the work is done using computer systems, it is crucial to guarantee security in such circumstances. All the necessary documents, data, and information are saved in a computer these days, secured with the utmost care. Following this, there are huge requirements ...

Highest Paying Cloud Certifications
By: Shelby Welty
February 9, 2021

Big Money: The Highest Paying Cloud Certifications Money matters. While many IT professionals enjoy the operational challenges and career opportunities that come with being on the front lines of enterprise technology evolution, enjoyment doesn't pay the bills. Competitive compensation is critical for technology staff to feel financially secure and fundamentally appreciated for their skills. So how do IT pros find the ...

How To Protect The SOC From Social Engineering Attacks
By: Nihad Hassan
February 8, 2021

The number of cyberattacks has increased rapidly, in both quantity and sophistication, during the last few years. The coronavirus pandemic has led to a significant shift in the workforce working from home, which resulted in a massive increase in cyberattacks. No one is immune to cyberattacks; organizations of all types and sizes continue to fall victim to cyberattacks despite all ...

Unpacking the Interview: CISO
By: Shelby Welty
February 4, 2021

The Chief Information Security Officer (CISO) role is ever-changing. As noted by Tech Republic, 62% percent of companies now employ CISOs. Security Boulevard reports that these infosec professionals are now being tapped for both the hard skills of their security expertise and the soft skills required to effectively create and communicate business-driven cybersecurity strategies across front-line staff members C-suites ...

SQLI: The good, the bad, the basics
By: Raymond Evans
February 3, 2021

In my last blog post, I discussed the basics of Cross-Site Scripting (XSS). For this post, we will be discussing the basics of SQL Injections (SQLI). This post will cover what SQL is, what SQLI is, identify it, and exploit it. First, let's discuss what SQL is. SQL stands for Structured Query Language and is used to store, manipulate, and ...