Man in the Middle: HTTP and HTTPS

Reading Time: 2 minutesIn the world of internet security, the lack of authentication and encryption in online communication has raised concerns about potential vulnerabilities. Many have expressed worries about the possibility of man-in-the-middle attacks, which could manipulate unsecured ...

SOC2 Type 2 Review: A Guide

Reading Time: 2 minutesA SOC2 Type 2 report contains 5 sections you may want to review when evaluating a service provider.This article briefly describes sections and identifies items to keep in mind when reviewing a SOC2 Type II ...

AWS Cloud Adoption Framework v3: A Summary

Reading Time: 4 minutesIntroduction The AWS Cloud Adoption Framework (CAF) provides insights and guidance on areas of the AWS cloud that a business should consider to improve its operations, create new opportunities, or increase the success rate of ...

CIS Benchmark in GPO format

Reading Time: < 1 minuteThe Center for Internet Security put out their recommendations for a secure configuration of any particular operating system. But why in a pdf format? For many, having the benchmark in a GPO format helps when ...

Pwn2Own Toronto 2022

Reading Time: 2 minutesI had the honor of being a guest at Pwn2Own 2022 hosted by Trend Micro in Toronto. The event consisted of teams of security researchers or a single researcher demonstrating active exploitation of zero days ...

Journey to CISSP

Reading Time: 2 minutesMany who passed this exam share their experience and I would like to do the same, after all, sharing information helps the Cybersecurity world. Also, furthering the profession is one of the CISSP ethics canons. ...