This post summarizes access control models, as considered in cybersecurity and access control. Acccess Control Concepts Permission refers to the access granted for an object and determine what you can do with it. Right refers to the ability to take…
This post summarizes Authentication, Authorization and Accountability (AAA) protocols or AAA network protocols. Do not confuse the AAA protocols with the authentication protocols like EAP, CHAP and PAP. Authentication protocols works in the OSI layers 2 and 3, and AAA…
This post lists some publishers about cybersecurity or based in Spain. List of Cybersecurity Book Publishers from Spain Cybersecurity Book Publishers from Spain: Anaya Multimedia Official web LID Official web
This post lists sources that broadcast news about information security and cybersecurity. List of Cybersecurity News Webs from Spain Cybersecurity News Web from Spain: RedSeguridad Official web Revista SIC Official web Ciberseguridad TIC Official web Securtecnia Official web CyberSecurityNews.es Official…
Network Access Control (NAC) is a security solution that enforces policy on devices that access networks to increase network visibility and reduce risk. NAC’s posturing capability determines if a system is sufficiently secure and compliant enough to connect to a…
This post presents some aspects related to electronic mail (email or e-mail) protocols. Email Operational Protocols STMP An open relay is an insecure SMTP server that does not authenticate sneders before accepting and relaying email and are typically quickly exploited…
This post lists OT security certifications that can be achieved by professionals, i.e. people, not organizations. List of OT Security Certifications for Professionals OT security certifications featured on this post: ISA’s ISA/IEC 62443 Cybersecurity Certificate Program ISA/IEC 62443 Cybersecurity Certificate…
This post lists some information about security testing framework guides. You can read about penetration testing methodologies on this post. You can read about secure software development frameworks on this post. List of Security Testing Guide Security Testing Guides featured…
Business continuity should make focus on incidents that are not frequent but may cause a big impact on the organization. A Business Continuity Plan (BCP) is a plan used by an organization to respond to disruption of critical business process.…
This post tries to explain what is an Information Security Program. What is an Information Security Program? According to ISACA, an information security program (ISP) is a set of activities that provide assurance that information assets are given a level…