What is the relation between change management, patch management and configuration management?
How are:
change management
patch management
configuration management
related to each other and what is the security team’s role in them?
Collaborate Disseminate
How are:
change management
patch management
configuration management
related to each other and what is the security team’s role in them?
While writing a memoir on Network Security I’ve encountered the following expressions:
pervasive mechanism
trusted functionality
event detection
security label
The online translation provided is apparently completely wrong.
Can someone h… Continue reading French translation of technical words [closed]
I understand that to "encrypt" something means to "code" it, to make it understandable for two parties, giver and receiver and generally only for them, but I don’t know what it means when this is being done symmetricall… Continue reading What are symmetric and asymmetric encryption and what would be a good example from daily life? [duplicate]
I understand that a pair of a locking device and an opening device is asymmetric, and a single device which can both lock and open is symmetric.
Is that correct?
I’m confused a bit between the terms. What I know is that there is SAST and DAST. SAST is scanning code statically for possible vulnerabilities, equivalent to static code analysis. This is usually done with automated tools. And there is DA… Continue reading What is dynamic code analysis? Is it the same as DAST?
I am studying the MITRE ATT&CK framework and I am confused with the following tactics: Reconnaissance, Discovery, and Resource Development.
What are the differences between these 3 tactics? According to the study material:
Reconnaissa… Continue reading MITRE ATT&CK framework concept doubts between tactics
I am studying the MITRE ATT&CK framework and I am confused with the following tactics: Reconnaissance, Discovery, and Resource Development.
What are the differences between these 3 tactics? According to the study material:
Reconnaissa… Continue reading MITRE ATT&CK framework concept doubts between tactics
Could anyone provide a bird’s eye view of these two industry defining terms?
SASE stands for Secure Access Service Edge
SSE stands for Security Service Edge
I read this article which attempts to identify the difference but I didn’t underst… Continue reading Difference between SASE and SSE? [closed]
I’ve noticed that people don’t use a user account for a specific task;
I keep thinking the concept is called a "service account"
But it causes a lot of issues surrounding security; for instance one should not use their general ad… Continue reading What is it called when you only use a user account for a specific task in your OS?
How does NIST (or any other formal/widely respected body like NIST) define Digital Security?
I just need a formal definition to put in slides. If I paste a definition from the internet, my boss will say, which standard says so? So I need a… Continue reading How does NIST or any other standard define Digital Security? [closed]