0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

NIST 800-53: Intro to Security and Privacy Controls Course Spotlight
By: Braam Broodyk
May 6, 2020

So you just landed that new gig as a Chief Information Security Officer (CISO) for a new organization, and you need to develop a roadmap to implement security controls, but which controls do you implement, and how do you prioritize? The Cybrary course NIST 800-53: Introduction to Security and Privacy Controls will provide you with an overview of the ...

Graphing Website Relationships for Risk Prediction: Identifying Derived Threats to Users Based on Known Indicators
By: Philip H. Kulp & Nikki E. Robinson
May 5, 2020

Abstract. The hypothesis for the study was that the relationship based on referrer links and the number of hops to a malicious site could indicate the risk to another website. We chose Receiver Operating Characteristics (ROC) analysis as the method of comparing true-positive and false-positive rates for captured web traffic to test the predictive capabilities of our model. Known threat ...

Is Cybersecurity Easy to Learn?
By: Joshua Elijah
May 5, 2020

With the Internet of Things (IoT), Big Data, and Cloud Computing, the need for experts who can secure data stored in data pools has escalated. These data, mostly Personally Identifiable Information (PII), if not secured, would cause data breach that could put any enterprise or individuals in immense danger. What is Cybersecurity? So what is Cybersecurity? Wikipedia defines ...

Securing Smart Cities without Limiting Innovation
By: Hugh Shepherd
May 4, 2020

The potential of smart cities is immense. The convergence of people and technology to efficiently deliver services to the public and solve the problems of urbanization is one of the ultimate aspirations for smart city deployments. But there are challenges to smart city deployments. The most likely solution is to enforce policy and security requirements to mitigate these risks. But ...

Python and SQL: The Importance of Doubling Down
By: Doug Bonderud
May 1, 2020

The digital skills gap continues to widen as companies look to shore up expanding tech departments with talented IT professionals. And while high-profile proficiencies in areas such as cloud computing and big data analytics remain top enterprise priorities, there’s also a growing need for a more fundamental skillset: Programming. As noted by Business.com, two of the top programming preferences for organizations ...

Security Guidelines for Working Remotely From Home
By: Krutik Poojara
April 30, 2020

Most of us are working from home due to the current situation that has arisen from COVID-19. At the office, there is an infrastructure to protect you while accessing the internet, but at home we need to take care of security ourselves. Here, we will explore a few techniques which we can use to achieve the goal of securing ourselves ...

Misconfigurations – The Most Common Security Incident Involving Your Containers and Kubernetes
By: David Bisson
April 30, 2020

Organizations continue to struggle with the ongoing challenge of securing their Kubernetes and container environments. Unfortunately, organizations don’t always emerge successful from that fight. That’s because even the best intentions sometimes don’t prevent organizations from suffering a security incident. But this raises some important questions. Who’s experiencing these security incidents, for instance? And what are the driving factors behind these events? StackRox ...

DevSecOps: Integrating and Maturing a Security Culture
By: Phillip Kulp, Ph.D
April 24, 2020

Over the coming weeks, Cybrary will be posting a series of blogs that correspond with the newly released Cybrary course, DevSecOps Fundamentals. This post is the first in a series that covers core principles to assist in the automation of a secure pipeline. Overview The series will address DevSecOps as a continuously maturing process. DevSecOps is not simply a method ...

Why is Privileged Access Management more important than ever
By: Thycotic
April 23, 2020

Did you know 62% of breaches are from privileged account abuse. But how can IT teams and cyber security professionals fight back? Privileged Account Management (PAM) introduces a fundamental security layer to protect against cyber-attacks that target privileged accounts to get at critical information assets in your organization. However, doing more isn’t always doing better. No one knows this more than ...

Is It Worth It To Learn IoT?
By: Suketh Evani
April 22, 2020

Every decade, human civilization experiences a new wave of technology and in the next decade, it is predicted that the Internet of things (IoT) is going to hit hard. Internet of things (IoT) is a collaboration of electronic devices and objects that are interconnected and can be identified uniquely. In layman’s terms, just like the internet, it is a group ...