Defense in Depth for Systems Administrators

Jayme Hancock

Written By: Jayme Hancock

March 16, 2017

Views: 316

Defense in Depth is a complex topic, and many of the available resources target senior executives or information security professionals. How does a systems administrator implement defense in depth within the scope of their job, focus on what matters, and plan for failure of each security control?

Read more.

Practical Advice for SHA-1

Adam Caudill

Written By: Adam Caudill

February 24, 2017

Views: 635

Today a long-awaited announcement was made, Google released the first full SHA-1 collision. For those in the cryptography community, it was widely expected that such a break would occur this year; the flaws that allow the attack have been known since 2005 and academic work has been going on since then to produce a full collision.

Read more.

The Problem with Blacklisting; A Look at Weird Cross Site Scripting Injections

Ryan Borden

Written By: Ryan Borden

January 23, 2017

Views: 783

So you’ve been testing the web application you built for Cross Site Scripting vulnerabilities, and you’re pretty sure that your defenses are solid. You even dusted off your cheat sheet to help you build out a really comprehensive blacklist. Your site is bullet-proof, right? Well, probably not.

Read more.

Mission Invisible: Wireless Surveillance Camera Denial of Service

Tim Jensen

Written By: Tim Jensen

January 09, 2017

Views: 1009

Many companies have come out with 2.4/5 Ghz wireless cameras which operate over 802.11 wireless protocols and frequencies. These cameras are very convenient, in that only power needs to be provided for placement, which allows home and business users to place cameras without complicated network wiring.

Read more.

© Copyright 2017 AppSec Consulting, All Rights Reserved