vulnerabilities, threats, attacks and countermeasures Archives - Jean-Christoph von Oertzen

CORS

jean-christoph — Mon, 24 Feb 2025 18:07:25 +0000

CORS : Cross Origin Resource Sharing CORS, or Cross-Origin Resource Sharing, is a security feature implemented in web browsers that allows or restricts web applications running at one origin (domain) to make requests to resources hosted on a different origin. This is crucial for maintaining the security of web applications, as it prevents malicious sites […]

The post CORS appeared first on Jean-Christoph von Oertzen.

CNAPP

jean-christoph — Sun, 23 Feb 2025 11:45:22 +0000

CNAPP : Cloud Native Application Protection Platform A Cloud-Native Application Protection Platform (CNAPP) is a comprehensive security solution designed to protect applications built and deployed in cloud environments. It combines various security capabilities, including vulnerability management, compliance monitoring, and runtime protection, into a single platform to secure the entire application lifecycle — from development to […]

The post CNAPP appeared first on Jean-Christoph von Oertzen.

CERT

jean-christoph — Sat, 22 Feb 2025 23:21:20 +0000

CERT : Computer Emergency Response Team A Computer Emergency Response Team (CERT) is a group of cybersecurity experts responsible for responding to and managing cybersecurity incidents and threats. CERTs provide support to organizations in detecting, analyzing, and mitigating cyberattacks, as well as coordinating responses to incidents. By offering guidance and expertise, CERTs play a crucial […]

The post CERT appeared first on Jean-Christoph von Oertzen.

ITDR

jean-christoph — Sat, 31 Aug 2024 10:59:22 +0000

ITDR: Identity Threat Detection and Response ITDR refers to a set of cybersecurity practices and technologies designed to identify, respond to, and mitigate threats specifically targeting user identities and access privileges within an organization. This approach focuses on monitoring user behavior and access patterns to detect any anomalies that may indicate malicious activities, such as […]

The post ITDR appeared first on Jean-Christoph von Oertzen.

EASM

jean-christoph — Tue, 28 May 2024 10:09:36 +0000

EASM: External Attack Surface Management "[…] is the process of continuously discovering, monitoring, evaluating, prioritizing and remediating possible entry points within an organization’s IT infrastructure that could be susceptible to an attack." https://censys.com/solutions/external-attack-surface-management/ EASM: External Attack Surface Management "[…] is the process of continuously discovering, monitoring, evaluating, prioritizing and remediating possible entry points within an […]

The post EASM appeared first on Jean-Christoph von Oertzen.

EPP

jean-christoph — Mon, 21 Aug 2023 15:58:14 +0000

EPP : Endpoint Protection Platform Although endpoint security technologies are converging, they can still be roughly divided into two categories: endpoint protection platforms (EPP) and endpoint detection and response solutions (EDR). The delineation between the two is quite clear to most IT security professionals. Simply put, EPP is preventive security – EDR provides detection and […]

The post EPP appeared first on Jean-Christoph von Oertzen.

PIM

jean-christoph — Mon, 21 Aug 2023 15:46:07 +0000

PIM: Privileged Identity Management […] gives users the ability to control, manage, and monitor the access privileges that people have to crucial resources within an organization. These may include important files, user accounts, documentation, and even application code and infrastructural elements such as databases and security systems. https://www.fortinet.com/resources/cyberglossary/privileged-identity-management PIM: Privileged Identity Management […] gives users […]

The post PIM appeared first on Jean-Christoph von Oertzen.

PAM

jean-christoph — Mon, 21 Aug 2023 15:44:35 +0000

PAM: Privileged Access Management consists of the cybersecurity strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes, and systems across an IT environment. By right-sizing privileged access controls, PAM helps organizations condense their organization’s attack surface, and prevent, or at least mitigate, the damage arising from external […]

The post PAM appeared first on Jean-Christoph von Oertzen.

SEG

jean-christoph — Mon, 21 Aug 2023 14:24:40 +0000

SEG: Security Email Gateway Secure Email Gateways (SEGs) are an email security solution that sits inline on emails’ path from the public Internet to the corporate email server. This position allows it to inspect email for malicious content before it reaches corporate systems. However, the design of the SEG makes it less suited to protecting […]

The post SEG appeared first on Jean-Christoph von Oertzen.

UTM

jean-christoph — Sat, 13 May 2023 16:04:03 +0000

UTM: Unified Threat Management […] refers to when multiple security features or services are combined into a single device within your network. Using UTM, your network’s users are protected with several different features, including antivirus, content filtering, email and web filtering, anti-spam, and more. UTM enables an organization to consolidate their IT security services into […]

The post UTM appeared first on Jean-Christoph von Oertzen.