
Rapid Threat Model Prototyping

Last year I had the opportunity to take part in one of Geoffrey Hill’s presentations about the Rapid Threat Model Prototyping (RTMP) methodology he designed. I find it incredibly useful, so I decided to share with you the core principles and steps. This document is based on the Rapid Threat Model Prototyping official document. The RTMP is quite simple to apply: define the system design and the zones of trust, then...

Steps to Crack Passwords

There are many articles out there explaining what password cracking means, tools that you can use and many other useful thoughts, but there aren’t many resources containing practical steps to crack passwords. I decided that whenever I am working on something less documented out there than I would like, I will publish my own scripts and articles. Hence, this article explains password cracking step by step, based on my password...

7 Ideas of Custom Models for your Intrusion Detection System

Intrusion Detection Systems come with a predefined set of models they use as patterns to look out for anomalous network traffic. However, every company’s infrastructure is unique, so these default models don’t cover everything that might be of interest to you. If you cannot afford the risk of missing visibility in some critical segments of your network, then you have to create your own custom IDS models. This article presents...

Best Email Signing and Encryption Solutions

Hi and welcome! I was honored to present this topic at #dc4420. You can read here everything I presented if you’d like to run through some things one more time. I addressed yesterday’s questions at the end of the article. You can always drop me an email if you have questions and if I can help, I will. I would like to introduce you to the most well-known standards and the...

How to Create Custom IDS Models

Creating your own custom IDS models is not a difficult task, although it might require a lot of patience and time, depending on how well you know your infrastructure and the number of exceptions lying around between systems. This article provides you with a baseline to keep in mind when you create new custom IDS models for your own infrastructure. If what you need is a list of custom IDS...

Guidelines to Configure Your Endpoint Anti-Virus System

1. Introduction An endpoint antivirus (called simply AV in this article) is able to run on as many computers as it needs, although it is managed from a single place. It monitors each stage of the execution of any process on each computer and decides whether that behavior should be allowed or not. 2. How it works An endpoint AV, as any endpoint tool, is usually based on...

How to Choose a Network Access Control System

Though they might not be the first security solution that comes to your mind when you need to secure your systems, Network Access Control (NAC) systems are in fact useful and, at least for some, really needed. NAC’s main purpose is to manage who has access to each of your network segments and what they can do once they get access. Generally, they do this by allowing you to write...