0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Using the NICE Framework for Early Career Planning
By: Jay James
June 9, 2020

Getting Started "The secret of getting ahead is getting started" – Mark Twain. The problem, for many starting in the cybersecurity field, is knowing where to start. Thousands of blog posts, articles, websites, and videos of the vast realm of cybersecurity careers can quickly become overwhelming. There are three high-level steps to help quiet the noise and create a starting point: __Step ...

CIS Top 20 Security Controls Course Review
By: Hugh Shepherd
June 8, 2020

Cybrary’s course on the CIS Top 20 Critical Security Controls is an exceptional training experience. This course provides an overview of the CIS Top 20 Critical Security Controls v7.1. These controls can be used in conjunction with other frameworks, such as NIST’s Cybersecurity Framework and Risk Management Framework, to help provide defense-in-depth best practices. Developed by the Center for Internet ...

Websocket Vulnerabilities
By: Pratyay Milind
June 5, 2020

Usually, when you are trying to access a website, your browser sends an HTTP request to the webserver which is hosting the page. The server processes your request and sends the response. After receiving the response, the browser renders the web page. After this process is completed, the server connection will be closed until the server receives a new request. Nowadays, ...

Is It Easy To Learn DevOps?
By: Jitendra Singh
June 5, 2020

IT folks usually fall into this dilemma of picking up technologies every few months or so. It is not that simple to pick up a stack for our next adventure and navigate the harsh terrain of the great divide between developers and folks in operations. However, shipping a product with speed and higher quality has become necessary to remain competitive ...

How To Gain Intel Using OSINT Tools
By: Marylin de Kort
June 4, 2020

Cybercriminals are becoming more versatile with their attacks by carefully selecting information about their target that could be useful in a fake email (phishing email). Many cybercriminals are using a technique called Open Source Intelligence (OSINT) to gather as much valuable information about their target(s) as possible. Most of the time, valuable information is found by just using a search ...

Who Can Learn IoT?
By: Michael Cunningham
June 4, 2020

Just who can learn IoT? Wow, that, to me, is a loaded question. My first idea is anyone. But, that doesn't fit this blog. I am not trying to add some humor to the blog. I remember my community college days. My college had a program that allowed high school students to take courses for credit. We had one 16-year-old young ...

Information Security: Authorized Access Needs Amid COVID-19 Outbreak
By: Emily Daniel
June 3, 2020

COVID-19 Cybersecurity Impacts Due to greatly increased activity in digital transactions, fraudsters have found opportunities to exploit vulnerabilities in the systems and target naive online users through facets of digital fraud. The rate of account takeover (ATO) fraud from 2018 to 2019 crossed 347 percent, with shipping fraud being 391 percent in a digital environment. However, during coronavirus, where the ...

Intro To Vagrant Software
By: Pierluigi Riti
June 3, 2020

Virtualization has become very important for every developer because virtualization makes it possible to create a complex virtual environment in one's computer. Vagrant, by Hashicorp, is a free software used to create these virtual environments. Configuring environments by learning Vagrant is quite easy. Vagrant provides a configuration language called HCL (Hashicorp Configuration Language), which is used for defining the virtual environment ...

Has Machine Learning (ML) and Artificial Intelligence (AI) Yielded Benefits To The Security Operations Center(SOC)?
By: Pankaj Kamboj
June 2, 2020

This topic has become a buzzword with the advancement of technology and glittering marketing by vendors around Machine Learning (ML) and Artificial Intelligence (AI). How it is benefiting the customer in real sense is a question that needs to be addressed from a quantitative and qualitative risk analysis perspective, which is a very subjective topic and requires a detailed analysis. ...

Threat Modeling, The First Step Toward Security In Software Development Life Cycle (SDLC)
By: Krutik Poojara
June 2, 2020

Threat modeling is the security process by which we can identify, categorize, and analyze threats. Generally, threat modeling is done at an early stage in the software development lifecycle. Still, it can be performed at any stage whenever there is some change in the architecture or design. The purpose of threat modeling is to come up with the solution for ...