Route Origin Validation is a security process used in internet routing to check if the organisation announcing a particular block of IP addresses is authorised to do so. It helps prevent accidental or malicious rerouting of data by verifying the legitimacy of route announcements. This process relies on a system where network owners register which…
Category: InfoSec
DNSSEC Implementation
DNSSEC, or Domain Name System Security Extensions, is a set of security protocols added to the Domain Name System to protect users from certain types of cyber attacks. It works by digitally signing DNS data so that computers can verify it has not been tampered with during transmission. Implementing DNSSEC involves enabling these digital signatures…
VPN Split Tunneling
VPN split tunnelling is a feature that lets you choose which internet traffic goes through your VPN connection and which uses your regular internet. Instead of sending all data through the secure VPN, you can decide that only specific apps or websites use the VPN, while the rest connect directly. This helps balance privacy with…
Zero Trust Network Access (ZTNA)
Zero Trust Network Access, or ZTNA, is a security approach that assumes no user or device should be trusted by default, even if they are inside the network. Instead, every request for access to resources is verified and authenticated, regardless of where it comes from. This helps protect sensitive information and systems from both external…
Discretionary Access Control (DAC)
Discretionary Access Control, or DAC, is a method for managing access to resources like files or folders. It allows the owner of a resource to decide who can view or edit it. This approach gives users flexibility to share or restrict access based on their own preferences. DAC is commonly used in many operating systems…
Mandatory Access Control (MAC)
Mandatory Access Control, or MAC, is a security framework used in computer systems to strictly regulate who can access or modify information. In MAC systems, access rules are set by administrators and cannot be changed by individual users. This method is commonly used in environments where protecting sensitive data is crucial, such as government or…
Attribute-Based Access Control (ABAC)
Attribute-Based Access Control (ABAC) is a way of managing who can access information or resources based on specific characteristics, called attributes. These attributes can relate to the user, the resource, the action being taken, or the context, such as time or location. ABAC enables flexible and precise access rules that go beyond simple roles or…
Privileged Access Management
Privileged Access Management, or PAM, is a set of tools and practices used by organisations to control and monitor who can access important systems and sensitive information. It ensures that only authorised individuals have elevated permissions to perform critical tasks, such as changing system settings or accessing confidential data. By managing these special permissions, businesses…
Credential Rotation Policies
Credential rotation policies are rules and procedures that require passwords, keys, or other access credentials to be changed regularly. This helps reduce the risk of unauthorised access if a credential is compromised. By updating credentials on a set schedule, organisations can limit the damage caused by leaked or stolen credentials.
Session Token Rotation
Session token rotation is a security practice where session tokens, which are used to keep users logged in to a website or app, are regularly replaced with new ones. This reduces the risk that someone could steal and misuse a session token if it is intercepted or leaked. By rotating tokens, systems limit the time…