Penetration testing is just as important as a vulnerability assessment. Penetration testing can be defined as a cyber attack simulation that checks whether all of an organization's defense mechanisms are working properly. As technology is evolving, so are hackers, increasing the chances of vulnerabilities being exploited. …

Any event that might disrupt an organization’s operations, including system breaches, any threat of harm to the CIA triad, or a violation of policies, is considered an incident. What should an organization do if such an incident occurs? …

If you recall from the previous Cyber Kill Chain blog, an attacker collects information during the reconnaissance phase and tries to gain access to the target systems in order to achieve their objectives. It is possible that an attacker might have used a brute force attack in one of…

What is malware? It means malicious software — any software that is created to cause disruption or damage, or to gain unauthorized access to assets in order to exfiltrate, delete or damage data. Threat actors use different types of malware to achieve their objective, as mentioned in the Cyber…

The Cyber Kill Chain is a model developed by Lockheed Martin which helps organizations to identify and defend against cyber attacks. This framework includes seven steps that the attacker would take in order to successfully meet their objective.

Reconnaissance — This first stage is where the adversary would observe their…

What is data leakage? The term can be taken literally: data has leaked outside of the organization, usually without consent. There are three different types of data leakage: accidental breach, by a disgruntled employee, or by someone with malicious intent.

Accidental breaches occur more often than expected…

OCEG stands for Open Compliance and Ethics Group. OCEG is a nonprofit organization that started out to help improve compliance and ethics, hence the name OCEG, and has since developed into providing education and certifying members on governance, risk and compliance (GRC).

OCEG provides GRC standards written by members…

Soojin Park
