Diarium blog system
University of Salamanca
Pablo Gallardo's Blog
My professional web log about IT, Cybersecurity & Project Management
 
Tag Archives | cybersecurity

Compliance Management Solutions

Compliance management solutions provide templates, assessment tools and other functionalities to help an organization to meet compliance with some of the most popular standards. This post lists some Compliance Management Solutions.   Popular Compliance Standards List of some popular compliance standards: Payment Card Industry Data Security Standard (PCI DSS) International Standard Organizations (ISO) Standards, like […]

Cybersecurity Conventions in Spain

This post lists some cybersecurity conventions or events that are celebrated in Spain. List of Cybersecurity Conventions in Spain Cybersecurity Conventions in Spain, in order of recurrency: RootedCON JNIC Securmática Navaja negra STIC CCN-CERT Conferences RootedCON https://www.rootedcon.com/ Madrid, Spain. Yearly in March. It is probably the biggest cybersecurity event in Spain. JNIC https://www.incibe.es/red-excelencia-idi-ciberseguridad/jnic JNIC (Jornadas […]

List of Application Security Testing (AST) Solutions

Application Security Testing (AST) is the process of checking an application in order to identify potential vulnerabilities and set points for security improvements. Types of AST: Static AST (SAST) Dynamic AST (DAST) Interactive AST (IAST) List of Application Security Testing (AST) Solutions AST Solutions: SonarQube CheckPoint SonarQube https://www.sonarqube.org/ OpenSource platform Checkmarx SAST https://checkmarx.com/product/cxsast-source-code-scanning/ Developed […]

DLL Side-loading Attack

This post explains what a DLL side-loading attack is in the context of IT security. What is a DLL Side-loading Attack? A Dynamic Linked Library (DLL) is a file that is used on Windows systems to group functions. By using DLLs, common functionality can be isolated and re-usability is enabled. As DLLs are particular […]

ISO/IEC 27001 Lead Implementer Certifications

ISO/IEC 27001 is an international standard to implement an ISMS in an organization. Professionals that want to get the knowledge to implement ISO/IEC 27001 and be able to prove it to third parties may look for a certification on this subject. This post lists some popular ISO/IEC 27001 Lead Implementer Certifications. IAF (International Accreditation Forum) issued […]

IT Security Frameworks for Organizations

This post lists some of the most popular IT frameworks that can be used by an organization to implement their security. List of cybersecurity frameworks: NIST Cybersecurity Framework (CSF) ISO/IEC 27001 CIS Critical Security Controls (CSC)   List of Cybersecurity Frameworks NIST Cybersecurity Framework (CSF) Issued by NIST (National Institution of Standards and Technology) of […]

How to prepare CISSP Exam

CISSP (Certified Information Systems Security Professional) is a certification granted by the organization ISC2 (International Information System Security Certification Consortium). This post explains how you can prepare for the exam to apply for CISSP certification. To find more information about the CISSP certification itself, please check the main post. Frequently Asked Questions (FAQ) about the exam […]

Digital Certificates

Digital certificates, also known as public key certificates or identity certificates, . When I explain what a digital certificate is to someone without a strong IT background I like to compare it with a seal ring, like the ones used in medieval times of Western countries. These seal rings had two functions: Identify the holder. Because […]

How to get CISSP Certification

CISSP (Certified Information Systems Security Professional) is an information security certification granted by the organization (ISC)2. This post explains the procedure to get CISSP certification through a series of frequently asked questions (FAQs) that are set in logical order. All questions that are related to the CISSP exam itself (which is just one of the […]

How to maintain CISA Certification

CISA (Certified in Information System Auditor) is a certification issued by professional association ISACA. This certification has a limited validity period that, nevertheless, can be extended. This post summarizes ways to maintain and renew CISA certification. The information may also apply to all these ISACA certificates: CISA CISM CRISC CGEIT CSX-P CDPSE ITCA CET If […]
