0P3N Blog

Cybrary’s Open Blog is a user-contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Fuzz Testing
By: Gabriel Schram
July 13, 2021

The complexity of vulnerability testing for software is expanding with the advancement of connected systems. One of the most effective methods to find vulnerabilities in software is fuzz testing. Fuzz testing, also called fuzzing, is a process meant to find bugs in software through various or semi-random types of input. Specifically, a fuzz test will provide unexpected input to an ...

SASE
By: Samia Oukemeni
July 13, 2021

Organizations seek to accelerate growth in an era of rapid change and adapt quickly to the IT ecosystem's demands. With a shift towards the Cloud, security and access controls are moving outside the traditional enterprise perimeter. As a response to these demands, Gartner Inc. introduced a new enterprise networking technology, Secure Access Service Edge or SASE (pronounced Sassy), to solve ...

Part 3: Using Burp Suite Repeater More Efficiently
By: payloadartist
July 12, 2021

The Burp Repeater is a very powerful tool within Burp Suite. It allows pentesters to repeat requests through Burp Proxy, modifying, manipulating, and re-running them. It is a tool that one cannot live without if they are into web app security testing with Burp Suite, so being familiar with it is important. What is the use of Burp Repeater? Burp Repeater ...

Career Paths For Cybersecurity In 2021
By: Shimon Brathwaite
July 12, 2021

Cybersecurity has become one of the most profitable and growing industries of the 21st Century. Globally there are about 3.5 million unfilled cybersecurity jobs, which means there's tons of opportunity for people to make a living within this field. Many people don't understand what a career in cybersecurity is like, making it a difficult industry to break into. Cybersecurity is ...

Typosquatting Leads To User Compromise
By: Gabriel Schram
July 9, 2021

Cybercriminals are taking advantage of user error through active social engineering campaigns and imposter websites. Typosquatting, also called URL hijacking, is an attack centered around a fake and malicious website. These URLs often look similar to popular websites, for example, gogle.com instead of google.com. Threat actors take advantage of a user misspelling the legitimate site in hopes that they go ...

Is It The End Of Firewalls As We Know Them?
By: Samia Oukemeni
July 9, 2021

If you ask any laptop user what a firewall is, there is a good chance that they will give a reasonably accurate answer, even if they aren't techies. The fiery orange wall with bricks, represented in any network design, is neither a new technology nor an unfamiliar innovation. So, how come we are still talking about firewalls and trying to ...

What is MSSP?
By: Nihad Hassan
July 9, 2021

As the world moves steadily to become fully digital, organizations of all sizes and across all business sectors utilize digital technology to facilitate work operations and communicate with customers and other business partners. Cybercriminals have ridden the digital wave and shifted most of their criminal activities to cyberspace. According to Cyber Security Ventures, cybercrime's global damage is projected to reach ...

What Skills A Threat Intelligence Analyst Needs To Have
By: Nihad Hassan
July 8, 2021

The number of cyberattacks is increasing rapidly; every day, we hear about a data breach or security incident. The accelerated digitalization of our society has led to an equal increase in cyberattacks. To protect precious data assets, organizations of all sizes and across all industries deploy various security solutions such as Firewalls and IPS/IDS. However, the human element remains the ...

The Importance Of Bash Scripting For Ethical Hacking
By: Shimon Brathwaite
July 8, 2021

Bash is the command-line language of Unix-based operating systems, including Mac OS and Linux. As a Cybersecurity professional, you often work in Linux environments, and you must understand the common bash commands to navigate the operating system properly. Several tools, such as Nmap or Metasploit, are command-line applications, meaning that they don't have a graphical user interface (GUI). Therefore, you ...

Best SIEM For Security And Requirements For PCI Compliance
By: Owen Dubiel
July 7, 2021

It can be troublesome to satisfy security and compliance, especially if Payment Card Industry Data Security Standard (PCI DSS) is a compliance framework that must be met. One of the more unique requirements for PCI compliance includes having a logging solution to carry out a slew of controls. These controls must be tested annually to achieve PCI certification. Some of ...