-
What is a ‘NOC’? What is a ‘SOC’? The Battle of ‘NOCs’ vs. ‘SOCs’…
Noc’ing the Soc’s Off You!! First of all, I want to preface this by stating and asking, “Why aren’t NOCs and SOCs the same thing???” Just initially hearing what the acronyms stand for alone, and going based off of that, I would think we would want “Network” and “Security” intertwined and treated with a holistic approach. Similar to how security should be “baked in” to software. NOC–Network Operations Center A NOC is a Network Operations Center (NOC, pronounced like the word ‘knock’), which can also be referred to as a “network management center”. It can be one or more locations from which network monitoring and control (i.e. network management) is…
-
What is a “False Positive”?
A true positive is an outcome where the model correctly predicts the positive case. Ex: Downloaded file is malware, and the A.V. detected it as malware. A true negative is an outcome where the model correctly predicts the negative case. Ex: Downloaded file is NOT malware, and the A.V. did NOT detect it as malware. A false positive is an outcome where the model incorrectly predicts the positive case. Ex: Downloaded file is NOT malware, but the A.V. detected it as malware. A false negative is an outcome where the model incorrectly predicts the negative case. Ex: Downloaded file is malware, but the A.V. did NOT detect it as malware. True…
-
What is Attack Surface?
Attack surface. First thing I start thinking is the surface area, or the exposed area that is susceptible to a cyber onslaught by threat actors, or bad people with malicious intent. According to Wikipedia: “The attack surface of a software environment is the sum of the different points (for “attack vectors”) where an unauthorized user (the “attacker”) can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure.” via Wikipedia “KEEPING THE ATTACK SURFACE AS SMALL AS POSSIBLE IS A BASIC SECURITY MEASURE.” **clap, clap** Does that last line stick out to anyone else?? It should.…
-
What is Traffic Light Protocol (TLP)?
Traffic Light Protocol (TLP) is a system for classifying sensitive information created in the early 2000s in order to facilitate greater sharing of information. “TLP is a set of designations used to ensure that sensitive information is shared with the appropriate audience. It employs four colors to indicate expected sharing boundaries to be applied by the recipient(s).”[1] TLP is “optimized for ease of adoption, human readability and person-to-person sharing”.[1] It is to be noted that TLP is distinct from the Chatham House Rule, BUT may be used in conjunction, if deemed appropriate by the information exchange participants. Chatham House Rule— “when a meeting, or part thereof, is held under the…
-
What is Remote Code Execution?
What is Remote code execution (RCE)? A simple web search brings up a Wikipedia page on Arbitrary code execution (ACE). According to Wikipedia: In computer security, arbitrary code execution (ACE) is an attacker’s ability to execute arbitrary commands or code on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as remote code execution…
-
Hello world!
Welcome to Cybersecurity Is Sexy! This is to bring cybersecurity awareness to the masses!