Identity and Access Management (IAM) is a set of processes and technologies used to ensure that the right individuals have the appropriate access to resources in an organisation. It involves verifying who someone is and controlling what they are allowed to do or see. IAM helps protect sensitive data by making sure only authorised people…
Category: InfoSec
Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) is a security process that requires users to provide two or more independent credentials to verify their identity. These credentials typically fall into categories such as something you know, like a password, something you have, such as a phone or security token, and something you are, like a fingerprint or facial recognition….
Supply Chain Attack
A supply chain attack is when a cybercriminal targets a business by exploiting weaknesses in its suppliers or service providers. Instead of attacking the business directly, the attacker compromises software, hardware, or services that the business relies on. This type of attack can have wide-reaching effects, as it may impact many organisations using the same…
Exploit Chain
An exploit chain is a sequence of vulnerabilities or security weaknesses that an attacker uses together to achieve a specific goal, such as gaining unauthorised access or installing malicious software. Instead of relying on a single flaw, the attacker combines several smaller issues, where each step leads to the next. This approach allows attackers to…
Rootkit Detection
Rootkit detection is the process of finding hidden software known as rootkits on a computer or network. Rootkits are designed to hide their presence and allow attackers to control a system without being noticed. Detecting them often involves scanning for unusual changes in files, processes, or system behaviour that may indicate something is being concealed.
DNS Spoofing
DNS spoofing is a cyber attack where a hacker tricks a computer into thinking it is connecting to a legitimate website when it is actually being directed to a fake one. This is done by corrupting the Domain Name System (DNS) data used to match website names with the correct servers. As a result, users…
Network Segmentation
Network segmentation is the practice of dividing a computer network into smaller, isolated sections. Each segment can have its own security rules and access controls, which helps limit the spread of threats and improves performance. By separating sensitive systems from general traffic, organisations can better manage who has access to what.
Hash Collision
A hash collision occurs when two different pieces of data are processed by a hash function and produce the same output value, known as a hash. Hash functions are designed to turn data of any size into a fixed-size value, but because there are more possible inputs than outputs, collisions are unavoidable. Hash collisions can…
Security Operations Centre (SOC)
A Security Operations Centre (SOC) is a dedicated team or facility that monitors and manages an organisation’s security systems. Its main job is to detect, analyse, and respond to cyber security incidents using both technology and skilled staff. The SOC works around the clock to protect sensitive data and systems from threats, ensuring quick action…
Air-Gapped Network
An air-gapped network is a computer network that is physically isolated from other networks, especially the public internet. This means there are no direct or indirect connections, such as cables or wireless links, between the air-gapped network and outside systems. Air-gapped networks are used to protect sensitive data or critical systems by making it much…