Collaborate Disseminate
My company is developing an open-source platform that would be hosted on may different servers, deployed in the cloud by many people, that run the "LAMP" stack or something similar. My goal is to ensure that in 99.9% of cases, th… Continue reading Given this secure setup, what are some effective attacks that still are possible?
My company is developing an open-source platform that would be hosted on may different servers, deployed in the cloud by many people, that run the "LAMP" stack or something similar. My goal is to ensure that in 99.9% of cases, th… Continue reading Given this secure setup, what are some effective attacks that still are possible?
I read a LinkedIn article by Chris Hall (Post 1, Post 2), who states that Certification Auditors cannot and should not raise nonconformity against the controls and should only raise nonconformity against the clauses.
Can a nonconformity be… Continue reading Can a nonconformity be raised against a control – for ISMS audit based on ISO 27001?
Background:
There are a lot of self-hosted web applications these days, and often, more than one for the same purpose. In my case I am looking for a replacement for GitHub or other big tech/cloud git platforms. But I am stack at: security…. Continue reading Evaluating Self-Hosted Web Applications
Protecting sensitive data is critical for businesses facing constant cyber threats. Automating encryption, audits, and access control strengthens security and reduces human error. Continue reading Automating Data Encryption and Security Audits for Continuous Protection
I’m university student my degree is Computer Engineering. I need an expert review on work.
Where I can find expert on Computer Engineering and Cybersecurity?
From personal experience many mobile apps that I’ve tested don’t actively detect and discourage (with a warning) or even block the app from running on/in:
a rooted/jailbroken Android/iOS device
emulated environment
an end-of-life iOS or e… Continue reading Should mobile app developers actively prevent apps from running on outdated devices/rooted devices/emulators for security purposes?
The SOC 2 framework includes 5 Trust Services Criteria made up of 64 individual requirements. Where can I find said 64 individual requirements to support an internal gap analysis ?
I’d like to attempt to not rely on Vanta to conduct a gap … Continue reading SOC2 – Public/Free list of 64 individual requirements to support an internal gap analysis? [closed]
I am looking for ways to value add to existing Office 365 Security & Compliance center which is available by default. Adding HIPPA compliant check but I don’t wanna pay for the templates available in 365.
Is it better to write custom p… Continue reading Is there a Opensource way to compliance audit Microsoft 365 Apps [closed]
I am working on a data processing task in an enterprise environment with Python3 installed on a client-side Windows Jump server.
I need to download data regularly from a third-party provider, and it is accessed via a REST API.
The business… Continue reading Log REST API calls in the most auditable way