セキュリティ監視入門A new tool that blends your everyday work apps into one. It's the all-in-one workspace for you and your team
Essays: CyberInsecurity: The Cost of Monopoly - Schneier on Security
CyberInsecurity: The Cost of Monopoly How the Dominance of Microsoft's Products Poses a Risk to Security Daniel Geer, Charles P. Pfleeger, Bruce Schneier, John S. Quarterman, Perry Metzger, Rebecca Bace, and Peter GutmannComputer & Communications Industry Association ReportSeptember 24, 2003 Table of Contents 1. Author Listing 2. Introduction by Computer & Communications Industry Association (CCIA
Node.js — Security Best Practices
Security Best Practices Intent This document intends to extend the current threat model and provide extensive guidelines on how to secure a Node.js application. Document Content Best practices: A simplified condensed way to see the best practices. We can use this issue or this guideline as the starting point. It is important to note that this document is specific to Node.js, if you are looking for
https://www.jnsa.org/result/incidentdamage/data/incidentdamage_20210825.pdf
インシデント発生時の被害額について インシデント被害調査WG 2021 調査レポート インシデント損害額 Version 1.01 1 目次 目次 ................................................................................................................................. 1 Ⅰ はじめに................................................................................................................... 2 Ⅱ インシデントの概要 ..........................................................
The last S3 security document that we’ll ever need, and how to use it - TrustOnCloud
The last S3 security document that we’ll ever need, and how to use it Update: We have launched ControlCatalog, a friendly UI for our in-depth ThreatModels. Check it out: ControlCatalog We have released the ThreatModel for Amazon S3, free and open source. You can download it via GitHub. The Shared Responsibility Model is an easy-to-understand diagram by Cloud Providers. The reality is that: 1) The
EthicsfIRST: Ethics for Incident Response and Security Teams
EthicsfIRST Ethics for Incident Response and Security Teams Also available in PDF Members of incident response and security teams (Teams) have access to many digital systems and sources of information. Their actions can change the world. As a member of this profession, a Team member must recognize responsibility to their constituency and to other security professionals, as well as to wider society
Post-Spectre Web Development
Post-Spectre Web Development Editor’s Draft, 19 July 2021 This version: https://w3c.github.io/webappsec-post-spectre-webdev/ Latest published version: https://www.w3.org/TR/post-spectre-webdev/ Previous Versions: https://www.w3.org/TR/2021/WD-post-spectre-webdev-20210316/ Feedback: public-webappsec@w3.org with subject line “[post-spectre-webdev] … message topic …” (archives) Issue Tracking: GitHub
制御システムのセキュリティリスク分析ガイド 第2版 | 情報セキュリティ | IPA 独立行政法人 情報処理推進機構
IPAセキュリティセンターは、重要インフラや産業システムの基盤となっている制御システムのセキュリティを抜本的に向上させるのに重要な位置付けとなるセキュリティリスク分析を、事業者が実施できるようにするためのガイドを作成し、公開しました。 公開の背景 従来、制御システムは固有のシステムで構成され、外部ネットワークや情報系システムとは接続されていなかったことから、セキュリティの脅威は殆ど意識されてきませんでした。しかし近年、WindowsやUNIXといった汎用のプラットフォームや通信プロトコルの活用、ネットワークや外部メディアの利用といった環境の変化の下で、セキュリティ脅威の増大と実際のサイバー攻撃事案の発生が増加してきており、一方で制御システムは社会や産業における重要なインフラとしての位置付けも大きくなっており、そのセキュリティへの対応の重要性が非常に高まっています。 この様な状況を受け、IP
COOP and COEP explained
COOP and COEP explained 共有ログインお使いのブラウザのバージョンはサポートが終了しました。 サポートされているブラウザにアップグレードしてください。閉じる ファイル編集表示ツールヘルプユーザー補助機能デバッグ
NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management
Version 1.0 NIST PRIVACY FRAMEWORK: A TOOL FOR IMPROVING PRIVACY THROUGH ENTERPRISE RISK MANAGEMENT January 16, 2020 The contents of this document do not have the force and effect of law and are not meant to bind the public in any way. NIST Privacy Framework January 16, 2020 i Executive Summary For more than two decades, the Internet and associated information technologies have driven unprecedente
Apple Platform Security
Hardware securitySecure software requires a foundation of security built into hardware. That’s why Apple devices — using iOS, iPadOS, macOS, tvOS or watchOS — have security capabilities designed into silicon. Learn more about Apple hardware security System securityBuilding on the unique capabilities of Apple hardware, system security is designed to maximise the security of the operating systems on
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
HackTricks | HackTricks
Ajv JSON schema validator
https://pdf.irpocket.com/C4255/KSWQ/zCPx/tFLN.pdf
package-manager-best-practices/published/npm.md at main · ossf/package-manager-best-practices
GitHub - WebAppPentestGuidelines/graphQLGuideLine
Trusted Types - mid 2021 report
Breaking trust: Shades of crisis across an insecure software supply chain
GitHub - c0rdis/security-champions-playbook: Security Champions Playbook v 2.1
Origin Isolation Design
