Monthly Archives :

February 2020

IAM – 16/05/2019

IAM – 16/05/2019 tiptechnologies_6agik4

With Cloud IAM you can grant granular access to specific GCP resources and prevent unwanted access to other resources. Cloud IAM lets you adopt the security principle of least privilege, so you grant only the necessary access to your resources.

Step-by-step guide through the ISO 27001 / ISO 22301 Certification Audit – 17/05/2019

Step-by-step guide through the ISO 27001 / ISO 22301 Certification Audit – 17/05/2019 150 150 tiptechnologies_6agik4

Audits are a key component of becoming ISO 27001 / ISO 22301 certified, and your initial certification is a crucial step in detecting whether all the main elements of the management system are in place.

However, for many information security or business continuity managers and consultants, this process raises many questions.

For more info… contact osazee@tiptechnologies.co.uk

Concepts related to identity – 19/05/2019

Concepts related to identity – 19/05/2019 150 150 tiptechnologies_6agik4

In Cloud IAM, you grant access to members. Members can be one of the following types:

    Google account

    Service account

    Google group

    G Suite domain

    Cloud Identity domain

Download the doc here – https://cloud.google.com/iam/docs/overview

For more info… contact osazee@tiptechnologies.co.uk

Web application Vulnerability – 20/05/2019

Web application Vulnerability – 20/05/2019 150 150 tiptechnologies_6agik4

Web application Vulnerability is major puzzle in the security posture of an organization. The codes that run the application is the major focus of security.

Even though an organization is technically/logically well protected against OWASP_Top_10 vulnerabilities, there will be security gaps that only the organization’s security culture can fill.

Open Web Application Security Project (OWASP) Top Ten 2017 Project:[dt_sc_animation effect=”wobble” delay=”1″] Add Content to Animate [/dt_sc_animation]

     Top 10

            A1:2017-Injection

            A2:2017-Broken Authentication

            A3:2017-Sensitive Data Exposure

            A4:2017-XML External Entities (XXE)

            A5:2017-Broken Access Control

            A6:2017-Security Misconfiguration

            A7:2017-Cross-Site Scripting (XSS)

            A8:2017-Insecure Deserialization

            A9:2017-Using Components with Known Vulnerabilities

            A10:2017-Insufficient Logging&Monitoring

https://www.owasp.org/index.php/Category:OWASP_Top_Ten_2017_Project

Do you need help with your security posture? Contact us on osazee@tiptechnologies.co.uk.

The basic concepts of Cloud Identity and Access Management. – 15/05/2019

The basic concepts of Cloud Identity and Access Management. – 15/05/2019 150 150 tiptechnologies_6agik4

Google Cloud Platform (GCP) offers Cloud IAM, which lets you manage access control by defining who (identity) has what access (role) for which resource.

Do you want more…? Contact us on osazee@tiptechnologies.co.uk.

 

 

Identify Threats and Vulnerabilities with EDR and CASB in AWS

Identify Threats and Vulnerabilities with EDR and CASB in AWS 150 150 tiptechnologies_6agik4

*********** Sponsored By AWS Marketplace ***********

Identify Threats and Vulnerabilities with EDR and CASB in AWS. Find out how these solutions help identify who has vulnerable software/configurations on their cloud endpoints by leveraging indicators of compromise to enrich investigations and pinpoint the depth and breadth of malware across thousands of endpoints.

How to leverage endpoint detection and response (EDR) in AWS investigations

http://www.sans.org/info/215455

TOP VULNERABILITY THIS WEEK – 08/02/2019

TOP VULNERABILITY THIS WEEK – 08/02/2019 150 150 tiptechnologies_6agik4

08/02/2019

TOP VULNERABILITY THIS WEEK: NetWire variants used in fake business spam campaign