Assurecondo

Assurecondo

Book a Consultation

Category: Tech

How to protect your Hard Disk Drive from sudden failure

Hard Drive failures can be a pain as more often than not, data is always lost in the process. I have had some hard drives carelessly fail without notice thus losing data in the range of 1Tb (1 Terabyte). As frustrating as it was then it could actually have been avoided if I was smart enough […]

Information Technology General Controls (ITGC)

Information Technology General Controls, popularly called ITGCs refers to the set of control such as policies,procedures, and technologies that an organization puts in place to ensure confidentiality, integrity, andavailability of its information and IT systems.ITGC review is an assessment of these controls to determine their effectiveness in protecting the organization’sinformation and IT systems. A comprehensive […]

Automotive Cybersecurity. An Introduction

Introduction to Automotive Cybersecurity Cybersecurity is the practice of protecting digital assets from malicious attacks. It is also referred to as “information technology security” or “electronic information security.” The term is used in a variety of contexts, but in this article, we will be considering cybersecurity in the context of automobiles.  The automobile industry has […]

Service Organization Control: An Introduction

Service Organization Control 1 (SOC 1) and Control 2 (SOC 2) are two standards for assessing a service organization’s internal controls. The American Institute of Certified Public Accountants (AICPA) established these standards to assist service organizations in demonstrating their dedication to security, availability, confidentiality, and privacy. SOC 1 is especially concerned with the financial reporting […]

Cloud Computing Services

In our last article, we talked about the different cloud deployment models: Public, Private, Hybrid, andCommunity. In this article, we will be discussing the cloud computing services which are mainly three types IaaS(Infrastructure-as-a-Service), PaaS (Platform-as-a-Service), and SaaS (Software-as-a-Service). Cloud computing is the distribution of IT resources on-demand through the Internet with pay-as-you-gopricing. Instead of purchasing, […]

Cloud deployment models

The deployment model is an important aspect of cloud computing. A cloud deployment model is a specificconfiguration of the environment’s variables, including storage capacity, ownership of the deploymentinfrastructure, and accessibility. This implies that deployment models employed by businesses are basedon the ownership (i.e who controls the infrastructure) as well as the location of the infrastructure. […]

Internet of Things (IoT) Security

The term IoT, or Internet of Things IoT has become one of the most important technologies of the 21stcentury, and it simply refers to the collective network of connected devices (smart devices) each with itsunique identifier automatically collecting and sharing data over a network. These devices range fromordinary household objects to sophisticated industrial tools.The fast […]

Auditing Artificial Intelligence

Technology keeps evolving, and accompanying these emerging technologies are the associated risks which if adequate security and control is not in place, can erode the overall benefits.There is a lot of buzz around Artificial intelligence as they currently form the basis for all computer learningand are considered the future of all complex decision-making. They have […]

Five (5) frameworks for improving cybersecurity

A cybersecurity framework provides a set of baseline best practice criteria with a goal to further strengthen the cybersecurity posture of any organization where it is implemented. Having these frameworks in place, it becomes easy to define standard processes and procedures which sustains confidentiality, integrity and availability. In this article, we will talk about five […]

Top 5 CyberSecurity Groups on Facebook

Facebook is one of the top 10 social media platforms and the largest social media platform globally at 2.85 billion monthly active users worldwide, which accounts for more than 30% of the world’s population having access to the platform. Compiled in this piece in no particular order are the names of top 5 cyber security […]

Top 10 Cybersecurity Subreddits for Security Professionals

Reddit is a social news website and forum where information is socially vetted and promoted by site members voting. The name of the website is a pun on the phrase “I read it.” Reddit is fragmented into over a million communities known as “subreddits,” each of which tackles a certain topic. A subreddit’s name begins […]

Five Resources on Data Privacy

Data privacy in our world today is a very serious global issue, especially as the use of digital devices has become prevalent. A lot of companies in recent times have sold people’s personal data to third parties (other companies and private individuals) for many reasons for which advertising is paramount. This is why learning about […]

A journey into Data Privacy

The world digital trail has become common. Ip addresses, cookies etc and every activity we take part in online leaves a trail. Information privacy is there to ensure the details that we drop online are protected, and that our personal information online is not accessed by illegal entities. What is Data privacy? Data privacy can […]

Logging VS Monitoring and  Why you need both.

Logging and monitoring is a term that is largely spoken about in security circles, as it plays an essential role in investigating, fine-tuning the security posture of a single digital asset or group of assets. An error log is a list of every issue affecting a server, network, operating system, or device. These log files […]

An overview of Identity Theft

Identity theft is a very serious security challenge, as experts believe that these cases occur so often that there is a new victim every 22 seconds. According to identitytheft.org, over 48 million identity theft cases recorded in 2020. This was an increase of 3.3% compared to the cases in 2019. Experts suggest that this problem […]

DevSecOps: An Overview

When done the right way, DevOps implementation is sure to bring about better collaboration among teams, faster time to market, improved productivity, enhanced customer satisfaction, and increased efficiency. Unfortunately, all these efficiencies and enhancements that come with DevOps are almost useless without security. That is why DevSecOPs is the introduction of security practices into DevOps. […]

Openid connect and oauth overview

Over the past articles, we have been exploring the world of the middleman (Api). We have been sufficiently able to break the concept down describing what it is, the advantages it presents, how to make it secure and the tools used for assessing its security posture. In this article, we are going to explore two […]

Five (5) API security testing tools you need to know.

There are several tools that have been used to access API security. Depending on each organization’s needs, a certain tool can be the ideal option for one but not the other. Although the majority of these API security testing tools have free trials or versions, enterprise users will probably need to purchase licences or explore […]

Tips for Securing Api’s

API security refers to the process and/or measures of preventing or mitigating attacks on application programming interfaces (APIs). As discussed in the previous article, Application Programming Interface, or API, is a software bridge that enables communication between two applications therefore it is very important that measures are in place to ensure that the communication remains […]

Application Programming Interface (Api)

                              Application Programming Interface explained Application Programming Interface, or API, is a software bridge that enables communication between two applications. You utilize an API every time you use a mobile app like Facebook, send an instant message, or check the weather. Application programming interface, or API, is a concept that can be used in a variety […]

The Art of Software Testing

Software Testing is a technique used to check or confirm whether a software product meets the expected requirements and to ascertain that the software product has no defects. It involves the running of software/system components using manual or automated tools to examine one or more specifications of interest. The main reason for software testing is […]

Five Questions About Mobile App Security

Five questions about App security Mobile app security has always been a source of concern. It has even become more important than ever as mobile devices become part of our everyday lives. People are more reliant on their mobile devices, especially their mobile phones, to access everything from banking information to regular updates on live […]

Intrusion Detection System

An intrusion detection system (IDS) is a device or software application that monitors network traffic for suspicious activities and alerts when such activities are discovered. While detecting and reporting malicious threats and abnormalities are the basic functions of an IDS, some intrusion detection systems can also take action when malicious activities or abnormal traffic is […]

Network Orchestration

What is network orchestration? Network orchestration is the automation of networks across different types of infrastructure devices, network domains, and even multi-vendor systems with a network. In addition, orchestration can be policy-based or event-driven automation through the use of programmatic interfaces like RESTful APIs that are enabled by third-party software or a network infrastructure solution […]

Network Security Resources

In the previous article on Network Security Fundamentals, I explained network security and its foundations.  Why is network security important? Most companies in recent times heavily rely on computers to share information and keep information safe. Especially in a large scale company with a large number of staff each expected to have a personal workstation, […]

Networking Security Fundamentals

Networking Security

Networking is the process of creating connections between devices. It can be used to transmit data, share resources, and provide internet access. Network security is a system that protects networks from unauthorized access and use. The purpose of networking is to enable communication between devices. This can be done by connecting them directly to one […]

Email Security 

E-mail was designed to improve accessibility/communications. But the problem is that it isn’t very secure. Email Phishing attacks have been increasing in frequency, and it doesn’t seem likely to stop anytime soon, with large companies and high-profile individuals the common targets.  Attackers use emails that appear authentic to deceive recipients enticing them to part with […]

7 Emerging Blockchain Technology Trends to Follow in 2022

Blockchain technology has been hailed as one of the most significant technological breakthroughs in recent years. Check out our article on blockchain technology. Manufacturing and education are among the industries that are affected. Blockchain technology is a permission-free, publicly accessible database system with encryption and centralization for security. To ensure network reliability and stability, blockchain […]

Artificial Intelligence Risk

What is Artificial Intelligence? According to Investopedia, Artificial intelligence (AI) refers to the simulation of human intelligence in machines that are programmed to think like humans and mimic their actions. The term may also be applied to any machine that exhibits traits associated with a human mind such as learning and problem-solving.  The benefits of […]

Internet of Things (IoT)

In this article, we will be taking a journey to understand Internet of Things (IoT), and to this end, the journey will be guided by the underlisted: What is IoT? The evolution of IoT Use cases of the Internet of Things IoT products What is IoT?  The Internet of things describes physical objects with sensors, […]

Artificial Intelligence as a Service (AIaaS)

Artificial intelligence as a service (AIaaS) refers to off-the-shelf AI tools that allow businesses to implement and scale AI techniques at a fraction of the cost of a full-fledged in-house AI.  Because it is based on cloud computing, the concept of everything as a service refers to any software that can be accessed across a […]

Ransomware as a Service

Ransomware as a Service  Ransomware attacks have been increasing in frequency, and it doesn’t seem likely to stop anytime soon, with large companies and high-profile individuals the common targets.  One of the main reasons for this sudden increase is the change from linear attacks to multi-option, this move absolves the original authors from the crime […]

NFT Hype? Answer to the 5 most frequently asked questions.

Almost every technology-savvy person has heard the term Non-Fungible token (NFT) in the last few months. The excitement grew, even more, when a digital asset was sold for a whopping $69 million naira. Woah! That was revolutionary, and since then, many celebrities and even crypto investors have jumped on the NFT bandwagon, including Tom Brady […]

Frequently Asked Questions: Cloud Security

How safe is the cloud? Who has access to the cloud? How can you be protected round the clock from hacking attempts? And more importantly what steps are being taken by the service providers to protect your data?  This article has been put together to help find answers to some Frequently Asked Questions related to […]

Data Tokenization vs Data Encryption

Data tokenization and data encryption are two major words you would often come across in the world of data security. Is data tokenization the same as data encryption? What are the differences if they are not the same? Is there any sort of similarity between them? These questions will be answered in this article. What […]

VPN (Gateway): What It is, benefits, and why you should use one?

VPN gateway VPN stands for “Virtual Private Network” which is designed to establish a “protected” network connection when using public networks, this makes it difficult for third parties to steal your data or track your online activities. In layman’s terms, a VPN establishes a “secure and private” connection to the internet, from your device to […]

Metaverse: Risks associated with it and how to mitigate them.

In case you missed the previous article where metaverse and its advantages were explained, please click on this link to read  Risks associated with the metaverse and how to mitigate them. As the boundaries between reality and the virtual worlds are gradually but steadily getting blurred. The innovation of the metaverse technology keeps increasing, the […]

The virtual world called “Metaverse”

The Metaverse has been a very hot topic in the past few weeks since the founder of Facebook “the big Mark” switched the name of the popular social networking platform and its subsidiaries to META, and he explained the plans of the company as it relates to metaverse in a live stream. The term has […]

Database activity monitoring

What is Database activity monitoring (DAM)? The process of observing, identifying, and reporting the activities carried out within a database with minimal effect on the performance of the system is called Database activity monitoring (DAM). Database activity monitoring is carried out by use of instantaneous security technology tools that give real-time monitored updates, analysis, and […]

Network Data Loss Prevention

In this post, I will talk about network data loss prevention (DLP), its importance, and some available dlp solutions. I have written some articles in the past about data, read through the blog to get updated. What is network dlp? While data is in motion, network data loss prevention (DLP) software monitors, detects and potentially […]

Email Security

Email security is a vital necessity because email contains sensitive information. Due to the high usage of such means of information transfer, it has since become a major target for attack. This and many more reasons are why companies are favoring the use of cloud-based email services like Gmail, Outlook, Protonmail, etc. What is Email […]

Data Privacy: Definition and Overview

The world has gotten so small, as information has become more accessible, shareable, and more vulnerable. Data privacy is the security of personal information from unwanted access by third parties and determines who has access to the information. Personal information like age, location, contact information in both real-time and online platforms are usually open to […]

Malware forensic: An overview

If a simple action such as clicking on a link or opening an email can cause disastrous outcomes, then Malware and Malware forensic cannot be overlooked. In my last post, I explained malware, how it works, antimalware and antimalware tools. Check it out here for more understanding. What is Malware Forensic: Malware is the collective […]

MALWARE: EVERYTHING YOU NEED TO KNOW ABOUT IT

Malicious Software popularly known as MALWARE is the collective name for any program or software that intentionally puts a computer, a server, a network or group data at risk.  Malware is a set of code written or developed by cyber attackers with the aim of intentionally harming certain data set or gaining unauthorized access into […]

Computer Network Protocols: What it is and how it works

Computer Network Protocols… What it is and how it works Network protocols is a word I’m sure you have heard in use among diverse technology professionals. In this article, I will try to explain what it is and some of the network protocols employed by information systems. Let’s start with Computer Networks. This simply put […]

Virtual Private Database: A practical approach: Column Level VPD

Column Level VPD In my previous post, we did a practical on how to perform Row-level restriction using VPD policies. This practical will focus on the Column level restriction. And as said earlier we will be using the HR sample schema. In this tutorial, we are going to secure some columns in the HR table […]

5 steps to ensure a better home network security

A home network refers to a group of devices connected to each other and to the internet through either a wireless or wired network connection. Ensuring the home network security is strong and up to date is an important part of network security. In this short article I will be listing out 5 steps to […]

Mobile Device Security

Mobile security is the security measures put in place to avoid risk and vulnerability of data and assets loss attached to using mobile computing devices like smartphones, laptops, Tablets etc. What is so important about Mobile security? The use of Mobile Devices is the future: Slowly and gradually technology has evolved from using stationary devices […]

Virtual Private Database: A practical approach

In our previous post, we learnt what the Oracle Virtual Database was all about. If you haven’t read it click here. Without wasting much of your time, let get busy with our practicals What is needed Working Oracle database (10g and above) HR sample schema. Sql work environment (SQL Navigator, Toad, etc) Today’s tutorial will look at the following types […]

Introduction to Cloud Computing

The idea of cloud computing might seem like a seriously big deal. Don’t worry I got you today. What is cloud computing? Cloud computing according to The National Institute of Standards and Technology (NIST) is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, […]

Microsoft SQL Server Security check

SQL Server, owned by Microsoft is one of the leading data platforms used as a production database to store very sensitive data. We should all know by now that data is an organization’s most valuable asset. This makes it a necessity to efficiently secure the SQL Server database.This quick post will highlight some important back-end […]

Nmap Cheatsheet X

Network mapper (NMAP) is an opensource security tool used for network exploration, security scanning and auditing In this article, I will be listing some important Nmap commands that will make network assessment easy. Let’s go! Scan single Ipaddress: nmap ipaddress Scan a host: nmap server1.abc.xyz Scan a host with more information: nmap -v server1.abc.xyz Scan […]

Social Engineering: The pervasive art of deception

Social Engineering like the term suggests refers to a diverse range of activities employed by malicious parties with the aim of luring unsuspecting victims to divulge sensitive information which will impact their online safety and might lead to financial loss. This tactic has been increasingly employed by malicious parties in recent years, as it is […]

Understanding ARP Poisoning: A practical approach

ARP poisoning also known as ARP Spoofing is an attack on the network which allows the attacker to intercept network communication between the target computer and the network. This concept is called MAN-IN-THE-MIDDLE attack and it makes it easy to steal sensitive data like username and passwords, bank data  etc.The man in the middle attack […]

NOSQL . A summary of what it entails

NoSQL is a database management system that provides a means of storing and retrieving data.It uses a different approach which is completely different from the tabular relations used in relational databases that we are more used to.In this post I will summarize a quick understanding of what NoSQL is with its advantages/disadvantages and uses. There are three (3) common types […]

SAP ERP. An Introduction

SAP ERP is a common ERP (Enterprise Resource Planning) software used by companies for the coordination of all core business functionalities, such as procurement, materials management, production, finance, sales, marketing, and human resources. SAP (Systems, Applications, and Products) is believed to be the most common ERP that assists companies of different sizes, small businesses, midsize […]

Open Source Tools in Cybersecurity

I have previously written on open source. Here is the link to that article, for more understanding. Today, I want to talk about open source tools. In this article I will discuss 10 open source tools that hackers and security researchers use to gather intelligence,before the real assessment or hacking is done.  First, what are […]

Oracle Human Resources Management System

Oracle Human Resources Management System (HRMS) is a major component of the Oracle E-Business Suite of applications.Simply put, It is an integrated suite of applications which supports every aspects of the HR function. There are several modules defined in Oracle HRMS eg Oracle Human Resources (HR),Oracle Payroll,Oracle Performance Management,Oracle iRecruitment,Oracle Time & Labor(OTL) etc.In this post […]

11 Steps on how HTTPS Secure connection Handshake is established

Every HTTPS connection begins with what is called a HANDSHAKE which is the negotiation between a client and server detailing and agreeing on how they will communicate. The handshake determines the following: What cipher suite to be used to encrypt the communications, Serer verification by Client, Clients verification by Server Lets now go through the 11 steps […]

Blockchain Oracles: What are they and how do they work?

In the past few articles, I have written about blockchain, smart contract, smart contract audit and cryptojacking. I saw it fit to do a piece on blockchain oracles and we will be exploring this topic on the borders of: What are blockchain oracles? Blockchain Oracles Use case Types of oracles The oracle problem Blockchain oracles […]

Ransomware

With the increasing rate of ransomware, the need to protect files and networks have become essential. Especially if as a company you store a lot of data on your server and you transfer a lot of data also. Both your server and information transfer process needs to be secured to guard against ransomware. What is […]

Cryptojacking: what it is, how it works and how to prevent it.

In recent times, I believe the worst that can happen to anyone who trades, invests in cryptocurrency is Cryptojacking. I have written some articles about  blockchain and smart contract, read more for better understanding on this topic.  What is Cryptojacking? Let me break it down, the word cryptojacking  was coined from two words Cryptocurrency and […]

Beware!! Sim card cloning is possible: A simple but technical explanation

Mobile phones have transcended from just making calls to being used as a private vault. Nowadays mobile phones are used to store extremely sensitive data including authentication to corporate and personal emails and most especially banking credentials. A high proportion of bank customers now have mobile phone numbers linked with their bank accounts due to […]

Auditing Smart Contract

I did a piece on smart contract where I detailed the basics of the technology, how it works, platforms that drive smart contract and its diverse use case. The article can be found here: Smart Contract. In this article, we will further explore smart contracts by considering the security.  let us break down Auditing Smart […]

SSLSCAN: Detecting security protocols in use on a server

SSLscan is another type of port scanner similar to NMAP. However its objective is to scan SSL ports to determine what security protocols or ciphers supported and/or preferred. In this blog post we will be looking at how to access and use SSLscan. It is very useful when it comes to testing security protocols accepted […]

How to extract WIFI passwords through Windows Command Prompt

Have you ever experienced the situation where you wanted to utilise wifi configured to connect to one machine in an entirely new machine, but couldn’t remember the wifi password?In today’s post we will be looking at how we can extract wifi passwords via command prompt.To get this done a utility will be used called Netsh. According […]

Open source: 5 things you need to know about it to better your use of it.

  Gone are the days when mentioning the use of Open source software was considered taboo in companies or business settings. Over time, it use has become acceptable, in fact, open source software is the first consideration when the need arises. While it is now acceptable, it may not be what it seems to be, […]

Checking for windows update from Command Prompt

For security reasons, it is important to ensure that your system is properly secured by ensuring it has the necessary security updates/Patch required.This post will focus on how to identify the status of your patch update. It will be done through the command line A patch is a set of changes to a computer program […]

Breaking down Adware

What is Adware?  Are all online Adverts adware?  There is nothing more annoying than seeing unwanted advertisement pop-ups while watching your favourite show, playing a game online either on your computer or your laptop. Adverts ranging from how to be a millionaire in seven days, to how to burn belly fat overnight, and a lot […]

DDoS: What does it mean?

Distributed denial of service (DDoS) is an attack such that the source website of a company is bombarded with a lot of requests that are more than its capacity, which then affects the ability of the website to function properly. With the rapid recurrence of such attacks, many companies whose business model requires a massive […]

Hacking: The untold truths about hacking

Hacking has been associated with a lot of things both legal and illegal. The common image that comes to mind when people hear hacking is that of an individual wearing a mask with a disturbed radio-like robotic voice, a laptop probably wearing a red or black jumpsuit with a lot of pizza boxes thanks to […]

Evaluating Oracle Weblogic Middware Controls

WebLogic is Oracle’s proprietary application server. It is Java base and Inherited when it acquired BEA Systems in 2008.it’s used by many businesses to build and deploy enterprise applications. Weblogics popularity and widespread use has made it a target by malicious individuals.In this post, I will provide you with suggested control that can be implemented […]

What is Honey pot in cybersecurity?

 Honeypot calls to remembrance the Trojan Horse a concept first put to use in the Greek mythology. It’s an open gift that is part of a game plan. Due to the concurrent incidence of cyberattack, cybersecurity experts then thought of it. Why wait for them to attack first? Why don’t we attract them using a […]

How to use YASCA static code analysis tool

Yasca which is an acronym for “Yet Another Source Code Analyzer” is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open-source programs, such as FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, ClamAV, Pixy, and RATS to scan specific file types. […]

Insider threat and what you need to know about it

The unfortunate thing about threats, risk to your data, information and security is that it starts internally little wonder it is called an Insider threat. Most attacks  on business security and information are not  cases of a well designed malicious masks and glove wearing  group called Hackers. What is an Insider Threat? An insider threat […]

FAQs and Answers in Information Technology Risk

When Big names in the finance, commerce and other industries cannot protect their data, this implies that they are having information leakages and issues recovering their data and here is the point where Information Technology risk comes in. Information Technology risk assists in minimizing the risks associated with the technology environment of a company. It  […]

Static Code Analysis. An Introduction

Static code analysis is a method in computer program debugging that is done by examining the code without actually executing the program. The process provides an understanding of the code structure and can help to ensure that the code adheres to laid down standards.Automated tools can assist programmers and developers and auditors in carrying out […]

Top 5 Information security professionals to follow on Linkedin

According to reports, Cyber security is currently one of the hottest trends in the IT world- CyberSecurity Venture Report predicted that by the year 2021 the world’s total cyber crime damage will amount to a total of $6 trillion while spending on cybersecurity will exceed $1 trillion. Wow! $1 trillion to save $6 trillion. That […]

5 Resources That will Make You Better at Information Technology Risk

Information Technology Risk has a very important role to play in the risk management field as it brings to the fore the body of risks that can hamper the achievement of business objectives as it concerns the technology environment. In this article, I have listed out five (5)  resources that will not only make you […]

Introduction to Oracle Virtual Private Database

Oracle Virtual Private Database (VPD) enables you to create security policies or group policies to control database access at the row and column level. It allows multiple users to access a single schema while preventing them from accessing data which is not relevant to them. VPD uses Fine-Grained Access Control to limit the visibility of the data to […]

How to sell Information Technology Audit to a skeptic

Information Technology Audit  is a sub-field under the Audit function which has garnered a lot of interest in the past few years, largely because of the widespread adoption of technology to drive the core and ancillary parts of businesses. It has become more important because businesses want to address the risk of material misstatements as […]

Brute-forcing passwords on Microsoft SQL Server to test for weakness

SQL Server is a relational database solution created by Microsoft. It utilises several types of login to gain access to the database namely: Windows authentication which is the default, and is often referred to as integrated security because SQL Server security model is tightly integrated with Windows. In this type of authentication Windows users who have […]

Google Dorks: The ultimate query engine

A Google Dork, also known as Google Dorking or Google hacking, is an advanced technique to retrieve or obtain information from google. It is mostly used to find vulnerable targets and sensitive data using advanced search queries. It is a valuable resource for security researchers. Google is known as a search engine used to find […]

VLAN: A basic understanding

VLAN stands for Virtual Local Area Network. This is a local area network where the computers, servers and other network devices are LOGICALLY connected regardless of their physical location.

Data State Security in four minutes

A data state is described as the different condition of data while being utilized in a computing environment. The term is especially used in information security.In this post, you will learn the various states data can be in. As an added bonus, you will also learn the various ways we can also protect this data at each individual states. […]

An Introduction to Blockchain

An Introduction to Blockchain What is Blockchain technology? History of Blockchain Breaking things down Benefits of blockchain What does all this mean? What is Blockchain Technology? Blockchain is a system that makes recording of information foolproof, such that it is difficult to alter or cheat the system. It employs the use of a decentralized digital […]

Oracle Database Security and Audit

Oracle database security and audit is important because oracles db is the most widely used database by most if not all organizations worldwide, from keeping records of customer data in banks, hospitals, etc, subscriber data and call logs by telecommunication companies to as big as keeping the entire identity record of citizens of a nation. Because […]

4 Basic Reasons Your Security Spending is Unnecessarily High

Having a sufficient security budget is paramount to ensuring an organization’s cybersecurity program is well implemented. There’s every possibility for this budgetary figure to increase largely year after year and stakeholders keep wondering where all the money is going. In some cases, the money is well spent while in some, there’s no tangible value that […]

A Journey to Auditing Virtualization

Virtualization is the process of creating a virtual, representation of an entity, such as virtual applications, servers, storage and networks. It is the single most effective way to reduce Technology expenses by reducing hardware footprint while boosting efficiency and agility for all size businesses. However, good as it is, virtualization can create a single point […]

14 Faults With Your Vulnerability Management Program You do not know

One of the biggest headaches for organizations security-wise is having to deal with technical vulnerabilities (Faults With Vulnerability Management) periodically. While some organizations have a well mapped out process to manage vulnerabilities, some others still struggle with the “Whack-A-Mole” method, randomly dealing with vulnerabilities as they appear.