Secure Socket Layer Inspection, often called SSL inspection, is a process used by security devices to examine encrypted internet traffic. Normally, data sent over HTTPS is encrypted to keep it private, which also hides it from security tools. SSL inspection temporarily decrypts this traffic so the device can check it for threats like viruses or…
Category: InfoSec
Network Access Control Policies
Network Access Control Policies are rules set by organisations to decide who can connect to their computer networks and what resources they can use. These policies help keep networks safe by allowing only trusted devices and users to access sensitive information. They can be based on user identity, device type, location, or time of access,…
Intrusion Prevention Systems
Intrusion Prevention Systems, or IPS, are security tools that monitor computer networks for suspicious activity and take automatic action to stop potential threats. They work by analysing network traffic, looking for patterns or behaviours that match known attacks or unusual activity. When something suspicious is detected, the system can block the harmful traffic, alert administrators,…
Secure Logging Practices
Secure logging practices involve recording system and application events in a way that protects sensitive information and safeguards logs from unauthorised access or tampering. This means ensuring that logs do not contain private data such as passwords or credit card numbers, and that only authorised personnel can view or modify the logs. Secure logging also…
Secure Backup Strategies
Secure backup strategies involve creating copies of important data and storing them in a way that protects against loss, theft, or damage. These methods ensure that information can be recovered if the original data is lost due to accidents, hardware failure, cyber-attacks, or natural disasters. Good strategies use encryption, regular updates, and off-site or cloud…
Digital Certificate Management
Digital certificate management is the process of handling digital certificates, which are electronic credentials used to verify the identity of users, devices, or organisations online. It involves creating, distributing, renewing, and revoking certificates to ensure secure communication and data exchange. Proper management helps prevent expired or compromised certificates from causing security risks.
Message Authentication Codes
Message Authentication Codes, or MACs, are short pieces of information used to check that a message really comes from the sender and has not been changed along the way. They use a secret key shared between the sender and receiver to create a unique code for each message. If even a small part of the…
Secure Hash Algorithms
Secure Hash Algorithms, often shortened to SHA, are a family of mathematical functions that take digital information and produce a short, fixed-length string of characters called a hash value. This process is designed so that even a tiny change in the original information will produce a completely different hash value. The main purpose of SHA…
Certificate Pinning
Certificate pinning is a security technique used to ensure that a website or app only communicates with trusted servers. It works by storing a copy of the server’s digital certificate or public key within the app or client. When the app connects to a server, it checks that the server’s certificate matches the stored one….
Network Flow Analysis
Network flow analysis is the study of how information, resources, or goods move through a network, such as a computer network, a road system, or even a supply chain. It looks at the paths taken, the capacity of each route, and how efficiently things move from one point to another. This analysis helps identify bottlenecks,…