fbpx
 

Author: Sam Alapati

SANS 20 Critical IT Controls #8: Controlled Use of Administrative Privileges
Sam AlapatiDatabase security, DSS (Data Security Standard), Oracle database, Oracle: News You Can UseLeave a Comment on SANS 20 Critical IT Controls #8: Controlled Use of Administrative Privileges

A common technique used b y hackers is to guess the passwords for administrative users to gain access to a server, and from there compromise vast swatches of a system. Hackers are constantly devising powerful password cracking tools to see if they could grab a system admin or network admin’s password.

SANS 20 Critical IT Controls #7: Application Software Security
Sam AlapatiDatabase security, DSS (Data Security Standard), Oracle database, Oracle: News You Can UseLeave a Comment on SANS 20 Critical IT Controls #7: Application Software Security

While strengthening your network and perimeter security does keep potential attackers away, you do want people to access your web sites and web application, of course. Unfortunately, while most users access your applications and web sites for legitimate purposes, you can’t control the user input.

SANS Critical IT Security Controls #4: Secure Configurations for Network Devices
Sam AlapatiDatabase security, DSS (Data Security Standard), Oracle database, Oracle: News You Can UseLeave a Comment on SANS Critical IT Security Controls #4: Secure Configurations for Network Devices

Network configuration includes the configuration of all network devices such as firewalls, routers and switches. Often times, an initially secure network configuration becomes somewhat insecure over time, as occasional configuration changes are made to the network to accommodate temporary needs.

SANS 20 Critical IT Security Controls #2: Inventory all Software
Sam AlapatiDatabase security, Security Assessments, Security RiskLeave a Comment on SANS 20 Critical IT Security Controls #2: Inventory all Software

Most companies do a pretty good job of keeping an inventory of all their hardware such as servers, work stations, laptops and PD As. However, companies don’t usually put the same type of effort into tracking software that’s installed on their systems. Of course, there are many strong reasons for this, including the fact that it’s not easy to keep update with all the different types of software you need to use today. Hackers are always looking for vulnerable software […]

In Archive