Kalau ada yang berminat mengetahui information security breach report bisa lihat di link di bawah ini:
http://www.jonfisherthoughts.co.uk/2014/06/information-security-breach-report-2-18.html
Salam!!
Thursday, 19 June 2014
Tuesday, 17 June 2014
Threat Modeling Process
Bagi yang berminat untuk membuat Threat Modeling, bisa gunakan Threat Modeling Process dari Microsoft:
http://msdn.microsoft.com/en-us/library/aa302419.aspx
Selamat mencoba!
http://msdn.microsoft.com/en-us/library/aa302419.aspx
Selamat mencoba!
Sunday, 18 May 2014
Security Guides
Bagi yang ingin mengetahui petunjuk bagaimana konfigurasi yang aman pada sistem, jaringan, dan lain-lain bisa lihat di website NSA.
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/fact_sheets.shtml
Semoga bermanfaat!!
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/fact_sheets.shtml
Semoga bermanfaat!!
Friday, 9 May 2014
20 Kontrol Keamanan
Ada 20 kontrol keamanan yang wajib di implementasi menurut SANS:
1: Inventory of Authorized and Unauthorized Devices
2: Inventory of Authorized and Unauthorized Software
3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
4: Continuous Vulnerability Assessment and Remediation
5: Malware Defenses
6: Application Software Security
7: Wireless Access Control
8: Data Recovery Capability
9: Security Skills Assessment and Appropriate Training to Fill Gaps
10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
11: Limitation and Control of Network Ports, Protocols, and Services
12: Controlled Use of Administrative Privileges
13: Boundary Defense
14: Maintenance, Monitoring, and Analysis of Audit Logs
15: Controlled Access Based on the Need to Know
16: Account Monitoring and Control
17: Data Protection
18: Incident Response and Management
19: Secure Network Engineering
20: Penetration Tests and Red Team Exercises
1: Inventory of Authorized and Unauthorized Devices
Friday, 11 April 2014
Web Application Security Scanner
Perlu dicoba free dan open source scanner untuk web application security.
http://www.arachni-scanner.com/
Selamat mencoba...
http://www.arachni-scanner.com/
Selamat mencoba...
Wednesday, 12 February 2014
DDOS Attack
Teman2
Bagi yang ingin mengetahui tentang serangan DDOS bisa kunjungi websitenya Prolexic.
http://www.prolexic.com/index.html
Selamat membaca!
Bagi yang ingin mengetahui tentang serangan DDOS bisa kunjungi websitenya Prolexic.
http://www.prolexic.com/index.html
Selamat membaca!
Thursday, 6 February 2014
Pentest FTP
Tools ini bisa digunakan utk pentest FTP.
http://securityxploded.com/ftp-password-sniffer.php
Semoga berguna!
http://securityxploded.com/ftp-password-sniffer.php
Semoga berguna!
Subscribe to:
Posts (Atom)