SECURE TARGET: A Critical Lens on Tech, Power, and the People Behind It
-
Is EFS secure?
I have seen many official statements about EFS being so insecure and we should not use it blah blah…and that is so surprising for me something from professional sources hearing a unprofessional statement, or better say, inaccurate assumption about one of the simplest and effective ways towards cryptographic practices! Assuming you know what Encrypting File…
-
The Main Source of Cyber Threat Intelligence
Which firm, company or solution can have the most comprehensive source of threat intelligence? The question should come to your mind when you are shopping for this security matter for any reason. Sources can have different type of data and then convert it to useful information via either active or passive mechanisms to gather intelligence,…
-
Do Managed Security Services Elevate Overall Security Posture?
Does a managed security service enhance overall security posture? Usually No! Managed security services are highly built on customer expectation instead of precise protocols to build a security barrier for client. There are many factors involved in quality of security services after migration to a managed service but most effective one is “client expectations”, or…
-
Does Cloud Guarantees Security?
There is a wrong perception of Cloud security among consumers of the Cloud solutions and platforms. Actually, classic Clouds are more insecure than traditional computing even though it is set on stone for most people even many “IT professionals” that Cloud computing is natively more secure, or by default it is at least more secure…
-
Why Folks Are Not Able to Secure Their Network?
The question simply is: Why we do not feel insecure even spending a lot, giant teams of professional and bunch of fancy tools? And the answer simply is: Wrong Direction! As long as one’s going wrong direction, we certainly cannot even imagine being able to reach the destination. How it is possible to reach the…
-
Is Whitelisting a Good Security Practice?
Whitelisting has been for sure a relatively standard and sometimes as a hardening security measure but it depends how we implement and maintain it and where it is initially enforced. Whitelisting could be against you if setup at the wrong spot or with inadequate supportive elements. I highly recommend whitelisting behavior rather than whitelisting elements…
-
Why Common Vulnerability Scanning Practice is Useless?
I hope you will find this so obvious but unfortunately security community is highly relied on vulnerability scanning in a way which makes it totally useless or even harmful! Vulnerability assessment is evaluating of a System against known and potential security flaws. A System is simply a collection of processes, workflows, people, nodes, software…but traditional…
-
Penetration Testing vs. Secure Code Review
What is the best way to make sure a software product is secure? The easiest way is to roll out to the market and see what is going to happen and hope everything does well…no kidding, that is what most software developers do! Let’s forget about what majority of software community do and see what…
-
Monitoring: The Forgotten Discipline
The Myth of “Proactive” Every company claims to be proactive. They buy dashboards, automate alerts, and call it visibility. But visibility without interpretation is just noise. And noise is the enemy of monitoring. These days, the market is full of tools that promise prediction. None deliver it. They only record symptoms faster. What You Actually…
-
Audio Fingerprinting: The Sound of Surveillance
The Invisible Signature Every sound you make online, a voice clip, a stream, a meeting, carries a fingerprint. Not the kind you leave on glass, but the kind you leave in frequency. It’s invisible, persistent, and mathematically unique. And once captured, it never forgets you. I believe audio fingerprinting is the quietest form of tracking.…