StrongBox IT

WHAT IS FISMA? Abbreviated as Federal Information Security Management Act, FISMA was established as federal law by the government of the United States in 2002. It mandates the federal organizations to develop, document, and implement an information security and security program. In addition, FISMA drafts the guidelines for federal data and security standards. It also […]

WordPress is a secure platform for running your website as long as website owners adhere to best security practices. While the WordPress core is safe, there is still much that can be done to keep the website secure from threats. Given the popularity of WordPress, there is a lot more to be gained by WordPress […]

1. OSCP(Offensive Security Certified Professional) The Offensive Security Certified Professional (OSCP) is an ethical hacking certification that teaches penetration testing methodology and how to use the tools included with the Kali Linux distribution. The OSCP is a practical penetration testing certification that requires holders to successfully attack and penetrate various live machines in a controlled […]

Amazon Web Services (AWS) offers a product called CloudFront, which, when combined with AWS WAF, helps businesses protect their web applications from intrusion. However, during an engagement, it was discovered that the “SQL Database” payload could be bypassed. Why Modshield SB is a great AWS WAF alternate? When Modshield SB(Our very own Web Application Firewall) […]

Information security, abbreviated as InfoSec, is the process of safeguarding information by mitigating information risks. It’s a component of information risk management. It typically entails preventing or reducing the likelihood of unauthorized/inappropriate data access or the illegal use, disclosure, disruption, deletion, corruption, modification of information. Information security is achieved through a structured risk management process […]

Over many years, the vehicle and system development process have been refined to standardize specification and verification tasks. Road vehicles — Cybersecurity engineering focuses on cybersecurity risks in the design and development of car electronics.  Major components: The goal of ISO SAE 21434 is to build on the ISO 26262 functional safety standard and provide […]

Web Application Firewall filters web traffic between the internet and web application. WAF is based on a predefined set of instructions and customized according to the risk and specific needs of the web application. It analyzes the incoming packets and filters out possible threats at the application level. WHY DO YOU NEED ONE? With the […]

The Health Insurance Portability Accountability Act was established as federal law by the government of the United States to set the standard for sensitive data protection. Companies dealing with Protected Health Information(PHI) must adopt physical network and process security measures to ensure HIPAA compliance. Hospitals, doctors, clinics, psychologists, dentists, chiropractors, nursing homes, and pharmacies that […]

ModSecurity is an open-source, cross-platform WAF(Web Application Firewall) designed primarily for Apache HTTP servers. It provides an event-based programming language that offers an array of HTTP requests, along with response filtering capabilities and various other security features across multiple platforms. It is a freeware released under apache license 2.0. ModSecurity offers protection from a wide […]

What is WAF? Web Application Firewall is for filtering web traffic between the internet and web application. WAF is based on a predefined set of instructions and customized according to the risk and specific needs of the web application. It analyses the incoming packets and filters out possible threats at the application level. Why do […]

Every business has a set of assets or sensitive data that malefactors may seem to exploit regardless of its size. These threat factors generally have different motives, some of them are good, some are not. Based on the motives hackers are categorized into six. White hat hackers Black hat hackers Grey hat hackers Red hat […]

National Cyber Security Alliance and the U.S. Department of Homeland Security (DHS) marked October is cyber security month, as a step to make people stay more safe and secure online. As a part of this program, some of the tips to enhance cyber awareness among the personnel are discussed below. 1. Make your passwords long: […]