Cyber Security

WordPress Hardening And Optimization

WordPress Hardening & Optimization Checklist

A minimal checklist for hardening (securely configuring) and optimization of a WordPress website is provided below. Hardening (secure configuration): Always keep the operating system of the server where the WordPress website is hosted up to date.Install and configure an application firewall (Wordfence plugin can be used).Install an SSL certificate, deactivate HTTP, and redirect all traffic to HTTPS.Change the URI of /wp-admin/ to something less obvious (WPS Hide Login plugin can simplify the job).Add a 404 page not found and redirect…

Read more
The Role Of Business In Cybersecurity

The Role of Business in Cybersecurity

This article discusses the role of Business in Cybersecurity and how they can assess the security level of IT/OT systems they own. Because the Business must participate in the overall cybersecurity program of the organization, it should not delegate overall responsibility for the cybersecurity of the IT/OT systems it owns (existing or to be implemented) to technical personnel. Introduction Fearful of the growing number of publicly disclosed cybersecurity attacks and incidents, Business personnel are increasingly asking their Technical colleagues an ostensibly…

Read more
Knowledge From Security Vulnerabilities

Knowledge From Security Vulnerabilities

Security vulnerabilities can provide valuable knowledge for business, technical and operational decision-making and Vulnerability Intelligence is the practice to determine such information and knowledge. Computer system security vulnerabilities [1][2] are dangerous and must be addressed because they can be exploited to compromise the confidentiality, integrity, and availability of computer systems, as well as the data and information stored and managed by these systems. The analysis of security vulnerabilities, on the other hand, can serve as a valuable source of information…

Read more

Identification Of Software Security Vulnerabilities

Classification and identification of software security vulnerabilities is not often easy and to facilitate it here I present a reference model, databases, metrics, and relationship between CVE, CVSS, CWE, CWSS, OWASP, and SANS standards. Many organizations and communities create and maintain a wide range of standards, databases, metrics, and classifications in order to identify, describe, publicize, and assess the severity of software vulnerabilities. Because of this plethora of entities and information, it is frequently difficult to understand the distinctions and relationships…

Read more
Search