0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Synchronizer token pattern
By: Ace
February 25, 2019

In this post let’s discuss about using a synchronizer token pattern to prevent CSRF (CSRF meaning Cross-site request forgery.).  Synchronizer token pattern (STP) is a technique where a token, secret and unique value for each request, is embedded by the web application in all HTML forms and verified on the server side.  ...

I'm PMP Certified. What's Next?
By: ebiettchert11
February 23, 2019

So, you are PMP certified. What’s the next step? Aside from applying to a PMP certified position, you will need to periodically renew your credentials and attend professional development units. As it turns out, there are some recurring costs and tests even after you get certified. If you are still seeking certification, it’s important to know the process ahead ...

Today’s critical threats: A Cisco Security threat report
By: purvikshah
February 21, 2019

Author : Ben NahorneyFor more than a decade, Cisco’s security reports have been a definitive source of intelligence for security professionals interested in the state of the global industry. These comprehensive reports provided detailed accounts of the threat landscape and their organizational implications.Today we are publishing our second report for 2019: Defending against today’s critical threats. This whitepaper looks ...

Getting Certified? Why PMP Training is Good for Everyone
By: Tatianna
February 21, 2019

The Cost of PMP Training Project management professional (PMP) certification is one of the most sought-after designations across industries and geographies. Why? Because companies recognize the need for project management leaders capable of handling complex tasks with multiple moving ...

The Cost of CISSP Training for Practitioners and Businesses
By: Tatianna
February 20, 2019

Update: This article was reviewed October 2021 for accuracy. As of August 31, 2021, the CISSP course is no longer free, but is still available through the Cybrary Insider Pro membership. The Cost of CISSP Training Certifications offer value ...

Restoring or exporting?
By: Tom_Cruiso
February 20, 2019

Restoring or exporting? Which one suits you better? Well, we are talking about your emails. We believe you are backing them up to some drive. We won’t ask you how because that depends on how and where you want it; and how your company gets the task done. Here we will be discussing ...

How to prepare for your Azure Certification
By: Vikrant Saran
February 20, 2019

Attaining azure certification is one of the most pertinent moves in your cloud career. So, before you start the preparation, the first thing to do is to decide the certifications that you must pursue to boost your career. With the new role-based Microsoft Azure certifications, you can now opt to go for precise skills that are required ...

Regular Expressions: Why do you need it in pentest and how to learn
By: Uladzislau Murashka
February 19, 2019

First, let's see why we can use regular expressions and how to use them in the context of pentest.1. Regular expressions can greatly help in the process of exploration and data collection - in order not to collect any garbage, we will be able to select only that part of the content that will be really useful for us.2. ...

Benefits of virtualization
By: widesidek
February 18, 2019

Virtualization is the process of creating a lot of machines on one machine , as if they work separately.This technology is becoming very popular due to its benefits . To understand it well , let's consider 3 protocols of virtualization : Application / OS / hardware , when virtualization is used we can considder that there are more than one ...

Social Engineering: A social way to exploit computers
By: dks11
February 17, 2019

Have you ever gotten an email titled something like “ You have an outstanding invoice ” or “YOU ARE THE LUCKY WINNER!!!! ” and (hopefully) as quickly as you saw it, deleted it? Well, this is a form of social engineering. Social engineering takes many forms and ...