Simplify Security Stages

Many people, even some CISO, have no idea there is a different driving factor for different security generation.

With many years in working in Cybersecurity world, I found that there are different generation of Cybersecurity, just like the gen-X and gen-Y. And these Cybersecurity generation is driven by different factors depends on which stage the company at.

I called this Simplify Security Stage. Here is the different driving factor in different generation/stage. 

1. Generation 1 - (driving by Network Security)
2. Generation 2 - (driving by Application Security)
3. Generation 3 - (driving by Identity, Access and Management)

During the security generation 1, every company is focusing on network security. Thus, a successful Cybersecurity program is largely depends on how the network security performs. 

I started my security career in 1999, there it is when the security generation 1 started for most of the company. At this stage, whenever we talk about security architecture, we are talking about network security.

At around 2005, security generation 2 becomes more popular. Everyone in Cybersecurity starts talking about Application Security, penetration testing, and ethical hacking. 

And at around 2011, web application security is focused by almost everyone including IT personnel. To me, I'm still considering it as stage 2. And at this stage, the driving factor for a successful Cybersecurity team is how your application security works. This is also where the time everyone is talking about SDLC and application security framework. Most of the time, people like to refer to application architecture as security architecture.

Starting from 2016 (actually back in 2008/2009) the cloud-based infrastructure becomes a hot topic for enterprise. Many new terms such as SaaS/PaaS/IaaS or even XaaS describes how the new generation has begin to change how things work. 

IMO, the Identity-Access-and-Management or IAM, will be the key driving factor for a successful Cybersecurity organization in stage 3. 

This is simply because of the cloud infrastructure is far more complicated and accessible comparing to the stage 2. Look at the AWS/Azure/GCP configuration, everything start from IAM. To me, IAM will be used to describe the next security architecture. Thus my prediction for stage 3 security, most attack will be focusing on testing how IAM will perform, like how we focusing on network security and application security in the past.

So, at what stage your company today? Start learning to be the key driving factor for next generation of Cybersecurity.

WiFi Password

• Open command prompt and run it as administrator
• Llist all the Wi-Fi profiles, type this command in CMD “netsh wlan show profile.”
• Show the password by type the command “netsh wlan show profile [wifi- name] key=clear.”

Doodle PacMan

This is one of my favorite game since my young age, PACMAN.

I know there is a doodle version of pacman from google, but I like the following version more, and it is run on Javascript.

https://www.masswerk.at/JavaPac/JS-DoodlePacMan.html

Enjoy !!

Google PacMan Doodle can be found at:

https://www.google.com/logos/2010/pacman10-i.html

BIG-IP-Cookie-decoding

Found a POC that decode cookie values from BIG-IP load balancers >= 10.0.0

Links:

• https://github.com/evict/BIG-IP-Cookie-decoding
  

Why we need Vulnerability Scanning?

I've been asked for a question: why we need vulnerability scanning and what is it for?

After I give it a thought, and my answer is: Vulnerability Scanning is a process with the intent to assess 3 things at the infrastructure:

1. Missing patch
2. Mis-configuration
3. Default credential
   

Is this an over-simplified answer?  8-|

Let's see if I'm correct on this in the next few years.  :P