0P3N Blog

Getting Started "The secret of getting ahead is getting started" – Mark Twain. The problem, for many starting in the cybersecurity field, is knowing where to start. Thousands of blog posts, articles, websites, and videos of the vast realm of cybersecurity careers can quickly become overwhelming. There are three high-level steps to help quiet the noise and create a starting point: __Step ...

Cybrary’s course on the CIS Top 20 Critical Security Controls is an exceptional training experience. This course provides an overview of the CIS Top 20 Critical Security Controls v7.1. These controls can be used in conjunction with other frameworks, such as NIST’s Cybersecurity Framework and Risk Management Framework, to help provide defense-in-depth best practices. Developed by the Center for Internet ...

Usually, when you are trying to access a website, your browser sends an HTTP request to the webserver which is hosting the page. The server processes your request and sends the response. After receiving the response, the browser renders the web page. After this process is completed, the server connection will be closed until the server receives a new request. Nowadays, ...

IT folks usually fall into this dilemma of picking up technologies every few months or so. It is not that simple to pick up a stack for our next adventure and navigate the harsh terrain of the great divide between developers and folks in operations. However, shipping a product with speed and higher quality has become necessary to remain competitive ...

Cybercriminals are becoming more versatile with their attacks by carefully selecting information about their target that could be useful in a fake email (phishing email). Many cybercriminals are using a technique called Open Source Intelligence (OSINT) to gather as much valuable information about their target(s) as possible. Most of the time, valuable information is found by just using a search ...

Just who can learn IoT? Wow, that, to me, is a loaded question. My first idea is anyone. But, that doesn't fit this blog. I am not trying to add some humor to the blog. I remember my community college days. My college had a program that allowed high school students to take courses for credit. We had one 16-year-old young ...

COVID-19 Cybersecurity Impacts Due to greatly increased activity in digital transactions, fraudsters have found opportunities to exploit vulnerabilities in the systems and target naive online users through facets of digital fraud. The rate of account takeover (ATO) fraud from 2018 to 2019 crossed 347 percent, with shipping fraud being 391 percent in a digital environment. However, during coronavirus, where the ...

Virtualization has become very important for every developer because virtualization makes it possible to create a complex virtual environment in one's computer. Vagrant, by Hashicorp, is a free software used to create these virtual environments. Configuring environments by learning Vagrant is quite easy. Vagrant provides a configuration language called HCL (Hashicorp Configuration Language), which is used for defining the virtual environment ...

This topic has become a buzzword with the advancement of technology and glittering marketing by vendors around Machine Learning (ML) and Artificial Intelligence (AI). How it is benefiting the customer in real sense is a question that needs to be addressed from a quantitative and qualitative risk analysis perspective, which is a very subjective topic and requires a detailed analysis. ...

Threat modeling is the security process by which we can identify, categorize, and analyze threats. Generally, threat modeling is done at an early stage in the software development lifecycle. Still, it can be performed at any stage whenever there is some change in the architecture or design. The purpose of threat modeling is to come up with the solution for ...