Tag

security
Introduction: In a previous post, I have outlined steps to take to establish a security program from nothing from a business perspective. In this post I will outline the important technological steps needed to set up this security program. As we all know, security is linked to technology, so why not talk about what should be...
Read More
The need for security in organizations is growing by the minute. Organizations are doubling down and many are starting to ask questions on how to build a proper cyber security program. If you were interested in this type of information, look no further! I will outline two different perspectives needed to build a program and...
Read More
The following is a quick post on how I would design a secure password recovery/forgot password mechanism. I hope this is useful to you, as you can use portions of this policy for your organization as well. I would design a secure password recovery/forgot password mechanism the following way: First, if a user were...
Read More
The following post highlights best practices surrounding application security. These have been adapted from SANS and touch on general development and integration practices. These are the same recommendations that I use and make to developers in my everyday role when they want to create apps and also connect them to other systems. I have made...
Read More
The following is a quick post that should help you understand how SQL Injections work. SQL Injection is a software vulnerability that is introduced into the computing environment when developers create dynamic SQL queries that require user input. These types of attacks can affect most programming languages with any type of database. The following is...
Read More
The following is my opinion on whether or not Uber is a disruptive technology. I hope you enjoy the read. Uber first came onto the scene by launching a product that was truly disruptive. Disruptive technology can be defined as any enhanced or completely new technology that replaces and disrupts an existing technology, rendering it...
Read More
The following post is a quick walkthrough on how to set up a secure password storing policy. In application security, it is very important to have a secure and reliable password storage policy. I hope you find the following to be useful and maybe even implement it in your organization. When designing an application, I...
Read More
This is a quick post to help you in your understanding of trust models and how they relate to cryptography. Trust models can be broken down into several degrees of trust. In general, a trust model can be defined as “the type of trust relationship that can exist between individuals or entities. For example, direct...
Read More
The following is a high-level overview of cryptography. I hope this post lays the foundation for your understanding of how information travels securely across the internet. Essentially, cryptography is the basis of how information travels securely across the World Wide Web. Both end-users, such as ourselves, and large corporations make use of cryptography in their...
Read More
The following is my personal opinion with regard to whether or not companies are able to claim security by obscurity. To level set all users, this can be formally defined as the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system. I...
Read More