Blog

  • SeriousSAM (Windows 10&11 Vulnerability) Mitigation Walkthrough

    A new vulnerability in Windows 10 and Windows 11 was discovered a few days ago. The vulnerability – SeriousSAM , allows attackers with user account access to perform a Pass-the-Hash (and

    Read More
  • Your First 5 Steps in Linux Server Hardening

    When installing a new Linux server, you should be aware that its level of security is very low by default, to allow as much functionality as possible. Therefore, performing basic hardening

    Read More
  • How to Mitigate Print Spooler’s PrintNightmare Vulnerability

    A few days ago, PrintNightmare – Microsoft’s Print Spooler vulnerability (CVE-2021-34527), which was classified ‘Low’ in its criticality level, got upgraded to be classified as ‘critical’. The reason for this is

    Read More
  • SECURITY IMPACT ANALYSIS – What, Why, and How?

    When planning a hardening project, there are two types of impact analysis you need to think of as part of your plan – policy impact analysis and security impact analysis.  

    Read More
  • Data Protection Hardening Checklist

    Data protection is a broad definition that covers many information security practices. But before jumping into purchasing shiny tools that claim to protect your data, there is a lot you can

    Read More
  • Windows Passwords Setting Guide

    Setting and enforcing passwords policy should be a top priority for organizations in their cyber hygiene practice. Best practices and recommendations keep being updated since this issue is so critical for

    Read More
  • CIS Hardening and Configuration Security Guide

    The Center for Internet Security (CIS) published an updated version for the CIS Controls- CIS Controls v8. The CIS Controls are a set of gold standard guidelines for organizations facing data

    Read More
  • Deny Access to This Computer From the Network – Best Practices for DC and Member Server

    Setting which group of users will be denied from accessing the computer from the network is a fundamental step in a hardening project. Hardening can be a painful procedure when done

    Read More
  • Access and Deny Access to This Computer From the Network

    Controlling who can access your computers from the network and which users must be denied is a basic act in system hardening. Allowing users to access a computer from the network

    Read More
  • Access This Computer From the Network – Best Practices for DC and Member Servers

    Setting which group of users can access a computer from the network is a fundamental step in a hardening project. Hardening can be a painful procedure when done in complex environments.

    Read More
  • Hardening Tools 101 [updated:2021]

    System hardening refers to actions done to reduce the attack surface, by securing the configurations of the system’s components (servers, applications, etc.). As arrived from the manufacturer, system components are more

    Read More
  • LDAP Authentication and Security – Signing, Binding and Configuration

    Lightweight Directory Access Process (LDAP) is a user authentication process developed for directory services. This protocol is usually used by applications for searching resource information such as users and different system

    Read More