Author Archives: Tim Bertino

The internet allows us to have the proverbial ‘world at our fingertips’. We have almost immediate access to countless amounts of information at practically any given time. While this is great, it can definitely be seen as a double-edged sword. Being on the internet often means disclosing information about ourselves in order to get accessContinue reading “Security+ Journey – Prying Eyes”

As brought up in the social engineering post in this series, while attacks can rely on sophisticated payloads to accomplish malicious goals, oftentimes the point of entry is an action taken by an unsuspecting human. In that social engineering post, I also highlighted that humans are the last line of defense for an organization, inContinue reading “Security+ Journey – Gone Phishin’”

In today’s day and age, attackers and defenders can both be very sospisticated. Threat actors can have ways to obfuscate their attacks and exploit zero day vulnerabilities. Conversely, defenders can leverage defense in depth to put multiple layers of defense between valuable assets and attackers. However, at the end of the day, there is aContinue reading “Security+ Journey – Social Engineering”

For attackers and defenders, tools are very important. If a threat actor does not know much about a potential target, they will need to perform some reconnaissance. There are many tools out there that can be leveraged for recon, some of which are readily available on popular operating systems. These tools are not necesarily builtContinue reading “Security+ Journey – DNS for Recon”

One thing is certain in terms of cybersecurity. Attacks will and do occur regularly. While security is the responsiblity of all employees in an organization, active defense is up to IT and Info Sec teams. One way to help defend organizations effectively and efficiently is to understand the existing attack surface and potential attack vectorsContinue reading “Security+ Journey – Attack Surface and Vectors”

Yeah I know, I went for the catchy title to try to draw you into reading this. However, when looking at the topic of vulnerabilities, threats, and risks in my list, the title above is what came to mind. Thinking through it though, that title seems to work. Vulnerabilities, threats, and risks are all scaryContinue reading “Security+ Journey – Lions, Tigers, and Bears”

Security controls are put in place ultimately to mitigate and minimize risk for an organization. As covered in a previous post, there are three main categories of security contols. To recap, these categories are technical (logical), operational (physical), and managerial (administrative). While these categories give us an idea of the high level characteristics of theContinue reading “Security+ Journey – Functional Types of Controls”

Large concepts within information security are understanding what protections/controls we should have in place and then the actual processes of implementing those controls. The reason we have security controls can point back to the concept of the CIA Triad. To keep our organizations safe and healthy from an information security perspective, we should ensure thatContinue reading “Security+ Journey – Control Categories”