Cybersecurity Tips and Tricks
While cybersecurity is a technical discipline — and we all love technical how-tos and in-depth tool reviews that empower our security toolkits — there are also strategic concepts and security basics we uphold as pillars of the industry.
Whether you’re a security veteran, just starting out in infosec, or simply want to know more about the security concepts and practices that shape the decision-making process in any modern organization, we’re here to help.
In our “Cybersecurity Tips” section you’ll find information about true cybersecurity basics including security automation, threat intelligence, social engineering, ransomware, and indicators of compromise, as well as updates on new attack methods and cybersecurity trends such as quantum computing, DevSecOps, security through obscurity, and more.
Each blog post will lead you through these concepts and their history, and we’ll get down to the nitty gritty on our subjects along with best practices and helpful tips on ensuring protection.
Resolving Alert Fatigue in SOCs with Asset Context for Incident Evaluation
Cyber threats in the modern IT landscape can lead to severe fallout, including compromised data, damage to brand reputation, and loss of customers and revenue. In order to effectively minimize risk, many organizations rely on automated security solutions and software that provide real-time risk analysis and produce alerts whenever an anomaly is detected.
SecurityTrails Meets Gigasheet: Taking Your Recon Analysis to a Whole New Level
Humans, in most cases, are not built to process and conceptualize data in any significant measure or speed.
Open and Exposed Databases: Risks and Mitigation Techniques Explained
Databases are among the most important parts of a web application. Almost every action performed on your web application involves using a database in some form to determine what to perform next, to store a user’s input, or to give a user information. These three user interactions form the most essential functions that a web application performs.
Nmap Cheat Sheet - Reference Guide
If the Nmap project had a motto, it would be Scanning Done Right.
Most Popular Subdomains and MX Records on the Internet
Simply put, today’s internet runs on DNS.
DNS Records and Record Types: Some Commonly Used, and Some You Might Not Know About
Without DNS and domain names, our experience of browsing the web would be quite different. As users, we would have to actually memorize the IP addresses of websites we want to visit, which doesn’t seem like a pleasant user experience at all.
Best Cybercrime Investigation and Digital Forensics Courses and Certifications
Cyber criminals target networks in the private and public sector every day, and their threat is growing. Cyber attacks are becoming more common, more menacing, and in the public sector, can compromise public services and put sensitive data at risk. It happens all the time in the private sector too: companies are attacked for trade secrets, customer information and other confidential details. Individuals aren’t spared either and are falling victim to identity theft, fraud and various other types of cybercrime.
How I Lost the SecurityTrails #ReconMaster Contest, and How You Can Win: Edge-Case Recon Ideas
A while back, SecurityTrails announced that they would be running a contest dubbed “Recon Master”—the aim of which is to find hostnames that resolve to an IPv4 address that haven’t already been found by SecurityTrails. As it had been a while since I flexed my recon muscles, that sounded very interesting to me. These days, the majority of my asset discovery phase is spent literally just using SecurityTrails, so this would force me to think outside of the box and stop being so lazy.
IP Discovery: How to Create a Full IP Map of Your Organization
IP intelligence involves information gathering on the IP addresses used to provide access to web applications and web services within an organization.
Top 40 Shodan Dorks for Finding Sensitive IoT Data
With its ever-growing database and ease of use, Shodan has become one of the most popular tools used by security researchers for gathering IoT intelligence.
