Looking to step up your web app pentesting and bug bounty skills? In this video, Alex from TCM Security walks you through some of the best FREE tools and resources to help you sharpen your AppSec knowledge and techniques. Whether you’re just starting out or looking to boost your skill set, these tools are must-haves!
Tag: learn it
ICMP – Internet Control Message Protocol
The Internet Control Message Protocol (ICMP) is a fundamental protocol used in the Internet Protocol (IP) suite. It is primarily designed for network devices to communicate error messages and operational information regarding the status of the network. While ICMP is not used for transmitting data like TCP (Transmission Control Protocol) or UDP (User Datagram Protocol), Read More …
AZ 900 – Part III – Microsoft Entra ID
Microsoft Entra ID Overview What is Microsoft Entra ID? Microsoft Entra ID, formerly known as Azure Active Directory (Azure AD), is a cloud-based identity and access management service provided by Microsoft. It enables organizations to manage user identities and access to resources securely. Key Features of Microsoft Entra ID Identity Management: User Lifecycle Management: Entra ID Read More …
AZ 900 – Part II – Architecture & Security II
Microsoft Azure is a powerful cloud computing platform that provides a wide range of services and resources for building, deploying, and managing applications and services through Microsoft-managed data centers. Understanding the structure of Azure is essential for effectively utilizing its capabilities. Key components of Azure’s organizational structure include subscriptions, management groups, resource groups, and resources. Read More …
AZ 900 – Part I – Microsoft Azure Cloud Concepts
Microsoft Azure Cloud Concepts Cloud Service Models Types of Cloud Computing Benefits of the Cloud Fundamental characteristics of cloud computing Cloud computing offers convenient, on-demand access to your computing resources online. This has facilitated the move to remote work and supports collaboration wherever you are located. For IT teams, cloud services also make technological provisioning Read More …
ESM – Exposure Surface Management
Exposure Surface Management (ESM) aims to proactively identify, assess, and mitigate vulnerabilities across an organization’s digital assets, including those external to the traditional IT infrastructure, to reduce the risk of cyberattacks. Here’s a breakdown of what ESM looks like: Comprehensive Asset Inventory: ESM starts with a thorough inventory of all assets, both internal and external, Read More …
ASM – Attack Surface Management
Attack Surface Management (ASM) focuses on identifying, monitoring, and mitigating potential vulnerabilities and risks across an organization’s entire digital footprint, including both known and unknown assets, to reduce the potential attack surface. Here’s a more detailed explanation: Continuous Process: ASM is not a one-time task, but rather a continuous process of discovery, analysis, prioritization, remediation, Read More …
What are the advantages of FASP
The speed increases are achieved by sending larger packets than TCP, not waiting for confirmation that a packet has been received before sending the next one, and only re-sending packets that are confirmed as having been dropped. FASP (Fast and Secure Protocol), used in IBM Aspera, offers significant advantages for cloud data transfer, enabling faster, Read More …
BGP: The Backbone of Internet Routing and Its Security Challenges
In the vast and interconnected world of the Internet, one of the most critical protocols ensuring the flow of data is Border Gateway Protocol (BGP). BGP is the routing protocol that enables different autonomous systems to communicate and exchange routing information. Without BGP, the Internet as we know it would not be able to function, Read More …
GRE Tunnels in Modern Networking
In the world of modern networking, flexibility, security, and efficiency are paramount. As the Internet continues to evolve, so do the methods by which data is transmitted across complex infrastructures. One such method is the use of Generic Routing Encapsulation (GRE) tunnels. In this article, we’ll explain what a GRE tunnel is, how it works, Read More …