Application Security

An application is a program or software designed to perform specific tasks for users. Examples: Mobile Apps: WhatsApp, Instagram. Desktop Software: Microsoft Word, Adobe Photoshop. Web Applications: Gmail, Amazon, YouTube. Application security refers to the process of identifying and repairing vulnerabilities in application software, from development to deployment, to prevent unauthorized access, modification, or misuse. Why Application […]


Foundations of Zero Trust architecture

The CISA Zero Trust Model is based on 5 pillars: Identity, Devices, Networks, Applications, and Data. It focuses on continuous verification to secure enterprise environments. Identity: Verify users explicitly and manage access. Devices: Ensure devices are secure and compliant. Networks: Segment and monitor traffic to limit risks. Applications: Control app access and protect workloads. Can be private, […]


Agentic AI

Generative AI refers to a class of AI technologies that is capable of generating various forms of content, including but not limited to text, images, audio, and video. These AI systems can generate new content, based on their training data and input parameters, which usually include text prompts but can also involve other forms of […]


ISO 27001

ISO 27001 Implementation ISO 27001, the international standard for information security management, defines a comprehensive set of controls to help organizations protect their information assets. The structure and number of these controls have evolved with the standard’s updates. Readiness Assessment: – Conduct a current readiness assessment to identify gaps in the existing Information Security Management […]


API security

– API calls occur in the background during web browsing, rendering customised pages. – Server-side API calls may involve multiple micro-services communicating via internal APIs. – Users can only access their own messages and send messages to friends. – Users are seeking better authentication than HTTP Basic due to CPU overhead from password hashing. – […]


Confidential computing

AMD’s Infinity Guard technology is designed to enable confidential computing. It outlines a series of security layers and technologies that work together to protect data and systems. The process begins with the AMD Secure Root of Trust Technology, which provides a hardware root of trust and safeguards against BIOS modification and firmware attacks. This is […]


Load balancers

– Digital systems face challenges with fluctuating service requests during high and low activity periods. – Load balancers manage traffic by distributing network traffic across multiple lines of activity instead of one pipeline. – This distribution ensures optimal performance and high availability, reducing the risk of bottlenecks. – Load balancers optimize resource utilization by effectively […]


Shared Responsibility Model

On-Premises: Responsibilities: – Data – Devices – User accounts – Authentication platform – Building security – Abetiation – Settings – Physical network security – Physical computer security – Operating system patches – Network and firewall settings Cloud App Service Responsibility: Microsoft Azure is responsible for building security, physical network security, physical computer security, operating system […]
