Posts by Rapid7

3 min Automation and Orchestration

What is Data Encryption Standard (DES)?

Synopsis The Data which is encrypted by symmetric key method is called Data Encryption Standard (DES). It was prepared by an IBM team in 1974 and declared a national standard in 1977. The government was also using cryptography, especially in diplomatic communication and the military. Without cryptography it’s difficult to interpret military communication. Cryptography was also used in the commercial sector. Federal Information Processing Standard (FIPS) was also working on DES. FIPS was integrated with comput

4 min Komand

How to Use Your Threat Model as a Guidepost for Security

The threats you face are unique to your company's size, industry, customer base, and many other factors. So your approach to protecting your organization's digital data should be unique, too. In this post, we’ll cover a framework to develop an effective threat model that fits your organization's unique needs. The Factors that Determine Your Unique Threat Model There are many factors that can determine your threat model. And while this will vary from company to company, we've identified th

9 min

How to Prevent XSS Attacks

In my last post, we covered what XSS is and why it’s so hard to prevent, which can seem overwhelming, given what we know now. With even major web sites making mistakes, should the rest of us just give up, unplug our internet connections and go read a book? Of course not; there are a number of techniques that the community has developed to mitigate the risks of XSS. Here’s what we can do to prevent XSS attacks. Training The first line of defense is training the developers. At this point, it is

3 min Automation and Orchestration

Exploring SHA-1 (Secure Hash Algorithm)

Synopsis In computer cryptography, a popular message compress standard is utilized known as Secure Hash Algorithm (SHA). Its enhanced version is called SHA-1. It has the ability to compress a fairly lengthy message and create a short message abstract in response. The algorithm can be utilized along various protocols to ensure security of the applied algorithm, particularly for Digital Signature Standard (DSS). The algorithm offers five separate hash functions which were created by National Sec

3 min Automation and Orchestration

Triple DES, 3-DES Network Encryptor

Synopsis Triple Data Encryption Algorithm (3DES) is an advancement of the popular DES standard. 3DES utilizes symmetric key block cipher. Using three unrelated 64 bit keys, 3DES was created to encrypt 64 bit blocks of data. In DES block, each key is utilized as an input. Without creating an entire new cryptosystem, 3DES can highlight the apparent defect in DES. Through exerting the algorithm three times in progression with three unlike keys, 3-DES simply enhances the key size of DES. As DES

3 min Automation and Orchestration

Understanding Dynamic Multipoint Virtual Private Network (DMVPN)

Dynamic Multipoint Virtual Private Network (DMVPN) is a solution which enables the data to transfer from one site to another, without having the verification process of traffic.

4 min Automation and Orchestration

Information Security Risk Management Cycle - Overview

Synopsis Information security risk management [https://www.rapid7.com/fundamentals/information-security-risk-management/] is a wide topic, with many notions, processes, and technologies that are often confused with each other. In this series of articles, I explain notions and describe processes related to risk management. I also review NIST and ISO standards related to information security risk management. In the previous article [/2017/06/24/information-security-risk-management-introduction/],

3 min Automation and Orchestration

How to Install and Configure AIDE on Ubuntu Linux

Synopsis Aide, also known as Advanced Intrusion Detection Environment, is an open source host based file and directory integrity checker. It is a replacement for the well-known Tripwire integrity checker that can be used to monitor the filesystem for unauthorized changes. It is very useful when someone places a backdoor on your web site and makes changes that may take your system down completely. Aide creates a database from your filesystem and stores various file attributes like permissions, inode nu

7 min Automation and Orchestration

How to Install and Configure OSSEC on Ubuntu Linux.

Synopsis OSSEC is an open source host-based intrusion detection system that can be used to keep track of server activity. It supports most operating systems such as Linux, FreeBSD, OpenBSD, Windows, Solaris and many more. It is used to monitor one server or multiple servers in server/agent mode and give you a real-time view into what’s happening on your server. OSSEC has a cross-platform architecture that enables you to monitor multiple systems from a centralized location. In this tutorial, we w

6 min Komand

10 Steps Towards the Path of Better Security for Your Business

Information security is hard. So hard, in fact, that many choose to ignore it as an intractable problem, and choose to ignore it wherever possible. They use the same password everywhere, carry sensitive data around on unencrypted laptops which they then leave on public transportation, run old applications on old operating systems, and a plethora of other such security issues. In an alarmingly-large number of data breaches, attackers do not resort to zero-day attacks or secret blackhat hacker te

2 min Automation and Orchestration

Setting Up and Managing a Bug Bounty Program

Synopsis Bug bounties have become mainstream and rightfully so. They offer a method to access and harness the intelligence of a varied set of expert hackers and security researchers without having to incur the cost of hiring an army of security professionals. The main advantage though is that one can keep a step ahead of the malicious hackers. This article talks about how to set up a bug bounty program and some of the pitfalls to watch out for. When to do a Bug Bounty? One obvious question that w

5 min Automation and Orchestration

How to Install and Use PSAD IDS on Ubuntu Linux

Synopsis PSAD, also known as Port Scan Attack Detector, is a collection of lightweight system daemons that run on Linux systems and analyze iptables log messages to detect port scans and other suspicious traffic. PSAD is used to change an Intrusion Detection System into an Intrusion Prevention System. PSAD uses Snort rules for the detection of intrusion events. It is specially designed to work with Linux iptables/firewalld to detect suspicious traffic such as port scans, backdoors and botnet comman

4 min Automation and Orchestration

How to Install and Configure Bro on Ubuntu Linux

Synopsis Bro is a free open source Unix based network analysis framework started by Vern Paxson. Bro provides a comprehensive platform for collecting network measurements, conducting forensic investigations and traffic baselining. Bro comes with a powerful analysis engine, which makes it a powerful intrusion detection system and network analysis framework. Bro comes with a powerful set of features, some of which are listed below: * Runs on commodity hardware and supports Linux, FreeBSD and MacOS.

4 min Automation and Orchestration

Information Security Risk Management - Introduction

Synopsis Information security risk management [https://www.rapid7.com/fundamentals/information-security-risk-management/] is a wide topic, with many notions, processes, and technologies that are often confused with each other. Very often technical solutions (cybersecurity products) are presented as “risk management” solutions without process-related context. Modern cybersecurity risk management [https://www.rapid7.com/fundamentals/what-is-cybersecurity-risk-management/] is not possible without

4 min Automation and Orchestration

Information Security Risk Management - Tiered Approach of NIST SP 800-39

Synopsis Information security risk management [https://www.rapid7.com/fundamentals/information-security-risk-management/] is a wide topic, with many notions, processes, and technologies that are often confused with each other. In this series of articles, I explain notions and describe processes related to risk management. I also review NIST and ISO standards related to information security risk management. In the previous article [/2017/07/09/information-security-risk-management-cycle-overview/