Posts

WordPress is the most powerful content management system. According to analytics tools, WP powers 30% of websites running on the internet. WP is a popular and user-friendly CMS. It is written in PHP and uses MySQL to save data. Unlike scripting languages such as JAVA EE, ASP, PHP is easy to learn. Shared hosting companies offer a 1-click WP installer tool. If you use this tool, you can launch a new website within few minutes. Configuring DNS server and the web server isn’t enough. To make sure that your new website is found by search engines and internet users, you must do the below things: ...

The nature of the Internet and worldwide connectivity has changed the traditional centuries old paradigm regarding proximity. We now see threats from all parts of the global. What are three cybersecurity policies for a firm that would mitigate risks for cybersecurity attacks at the global level? Cybersecurity threats continue to rise year after year and the problem continues grow due to the global nature of attacks. Organizations must implement security policies in order to protect themselves against such threats. Below are three policies that would help organizations better defend against global threats. ...

Vulnerability assessments can be a very effective way of gathering information on an organizations internal security posture. The purpose is to accumulate data on any weaknesses revealed that should be proactively mitigated to prevent exploitation. There are a number of tools that can be used to carry out vulnerability assessments. Typically, a software-based tools are used to scan a selected part of an organizations infrastructure. This can range from specific areas that are exposed to the public, to entire sections of the organizations network (Cima, 2001) lists four of the most common types of vulnerability scanner. These include network-based scanning tools, host-based scanning tools, database scanning tools, and wardialers. ...

Advanced Persistent Threats (APTs) are security threats that use advanced techniques to hide their attack from their target. They are commonly used to target specific information in high-profile companies and governments. APTs usually follow a long-term strategy of attack in order to gather information from the breached system. There have been many examples of APTs over the years targeting well known organizations. In 2013 the Mandiant report revealed evidence that a specific Chinese military unit has been behind many major Advanced Persistent Threats (APTs) within the United States. Since then APTs have been used against large companies including Yahoo, Google, Northrop Grumman, and many others. One of the most complex APTs in recent years was the Stuxnet computer worm (“Stuxnet: Advanced Persistent Threat - Ran Levi,” n.d.), which targeted Iran’s nuclear program. ...

As a developer, knowledge of web application security vulnerabilities is essential in order to build software that is both resilient to attacks and protected through a layered approach of defense. The cybersecurity landscape is constantly shifting, however a good understanding of the most common vulnerabilities is a great place to get started with security. Before reviewing the articles below, be sure to look at 10 Most Common Security Vulnerabilities. The list that follows are a handful of articles I’ve written over the years both in my graduate and professional work. They focus on application security specifically as well as an understanding of the people behind such attacks. ...

The word Cybersecurity is thrown around so much these days it has almost become overused in many conversations. This is due to the vast number of topics associated with its meaning. So how can we define it better? Traditionally Cybersecurity has described as a process for securing information or assets owned by governments, organizations, and individual people. The term itself can be considered a discipline that drives security initiatives and categorizes risks, vulnerabilities, and threats. (Assante & Tobey, 2011) describe Cybersecurity as people (both defenders and attackers), engaged in a contest of playing out on a field of information systems and technology. Cybersecurity influences organizational processes, policies and overall strategy through principles and frameworks. This better informs and fosters the awareness of threats, management of risk, and development of resilient multi-layered security systems. Homeland Security describes the importance of cybersecurity in protecting infrastructure that is vulnerable to a wide range of risk stemming from both physical and cyber threats and hazards (“Cybersecurity Overview,” n.d.). These threats can include internal personnel within an organization, external people, and natural threats such as electricity outages. Within the organization, employees are typically categorized as the highest threat. ...

The term asymmetric refers to an unequal balance or when thinking about threats, an unfair advantage to the perpetrator. Phillips, A (2012) provided an excellent overview of what an asymmetric threat is. He described attacks of this nature to be undetectable, and once occurred, impossible to determine its origin. Rubin (2007) further elaborates on this concept by defining the term asymmetry as that which focuses on placing one strength against an adversary’s weaknesses, even when the overall forces may favor the adversary. This is opposed to traditional combative threats, which require much more planning, financial means and well-coordinated execution through military groups. ...

You’ve decided it’s time to start solidifying ideas for your ideal website. You have no doubt spent countless hours in the planning phase identifying your target audience, design considerations, and of course you have a solid idea of your overall content strategy. If you haven’t, then do yourself a favor and take a look at The Complete Guide to Building Your Personal Brand, What Makes an Effective Website? and How to Design a Website for a Specific Target Audience? before reading on. ...

Fundamental to all modern web development is a strong foundational knowledge of version control. In recent years Git has emerged as the go-to choice for many developers and continues to gain popularity. Github is a platform that uses Git for source control. It provides an environment that encourages and fosters community open source development. It is a great platform to publish and use for version control on your own web sites and projects. Below I have listed several resources for getting started with Git, Github, Github Pages and Open Source. ...

The HTML5 and CSS learning resources provided here supplement classroom materials for my CMST 386 class taught at the University of Maryland University College. Please report any broken links in the LEO classroom. If you have any suggestions for additional resources that could be added here, let me know. To access some of these resources you will need to sign up for a free account, which I cannot mandate in class. ...