These days, confidence attacks and romance fraud attacks are very common. An attacker deceives a victim into believing the attacker and the victim have a trust relationship, whether family, friendly or romantic. So, victim will trust to attacker. At this time, the attacker asks the victim to send money to the attacker. Or the victim may [...]
Assess Security Impact of Acquired Software When an organization combines with or purchases another organization, the acquired source code, repository access and design, and intellectual property should analyze and review to assess security. Also, the phases of the development cycle should review. There are some use cases that bear further discussion: Open source: Never [...]
Assess the Effectiveness of Software Security In this section of this tutorial, we'll take a look at assessing the effectiveness of software security . These days, one of the most important aspects of cyber security is assessing the effectiveness of application security. Once the application is ongoing and software has been programmed, the next [...]
Identify and Apply Security Controls in Development Environments Organizations must be able to take multiple levels of risk mitigation to protect the code, as well as the applications. In this section of this tutorial, we'll take a look at security controls in development to help you understand the different aspects of security controls in [...]
Understand & Integrate Security in the Software Development Life Cycle (SDLC) SDLC of course sometimes called software development methodology (SDM) also. Anyway, SDLC refers to all the steps required to develop software and systems from conception through implementation, support, and (ultimately) retirement. These days, one of the most important aspects of cyber security is [...]
Address Personnel Safety and Security Concerns And finally we have reached the last part of this domain. In this section of this tutorial, we'll take a look personnel safety and security concerns to help you understand the different aspects of personnel safety. We discuss in this section that how to make sure that employees [...]
Implement and Manage Physical Security Physical security is yet another important aspect of the security professional’s responsibilities, and refers to securing physical assets such as land, buildings, computers, and other company property. We've discussed about important physical security concepts and technologies in detail before. If you need to refer to the contents of these [...]
Participate in Business Continuity Planning (BCP) and Exercises Business continuity focuses on a business operating with minimal or no downtime. At result, It also includes disaster recovery. We can say that business continuity is a strategy while disaster recovery is a tactic. In this section of this tutorial, we'll take a look at business [...]
Implement Disaster Recovery (DR) Processes The general process of disaster recovery include: Responding to the disruption Activation of the recovery team Ongoing tactical communication Assessment of the damage Recovery of critical assets and processes Response The first thing to consider when an incident occurs is whether the disaster recovery process is needed. If the [...]