This guide was written as a follow-up to “Monitoring 101.” It seeks to provide further more advanced information about Monitoring, the challenges and the successes that can be had.

Network-Attached Storage (NAS) devices are a popular way for people to store and share their photos, videos and documents. Securing these devices is essential as they can contain sensitive information and are often exposed to the Internet. Because Synology is one of the top manufacturers of NAS devices, this paper chose to analyze a Synology DS215j. In doing so it identifies a number of exploitable security flaws. In this paper, they discuss in detail the analysis performed, methodologies used, and vulnerabilities found during the summer of 2015.

This paper takes a look at the cities of the United Kingdom, and the cyber threats that occurred there.

This book aims to be an accessible starting point for everyone that is starting to work with authentication. In this book, you’ll find a concise review of all the key protocols, formats, concepts and terminology that you’ll likely come across when implementing authentication.

The goal of this Report is to provide security information leading to a better understanding of the threat landscape, and to provide resources that can aid in minimizing security risk.

For many organizations, dealing with HTTPS traffic is something of a double edge sword. Recent moves to encryption challenge the status quo in terms of organizational oversight. Finding a balance between competing interests will be critical to moving forward, but while present technology limitations hamper those efforts, technological advancements can enhance them.

The experts at TrustWave have prepared this report to outline the issues and practices for web application firewall management.

This white paper takes a look at the Equifax breach of 2017 and offers a unique analysis at what could have prevented it.

This whitepaper provides an excellent resource for understanding SQL Injection attacks, in a web application environment.

As security measures get better at detecting and blocking both malware and cyberattacks, adversaries and cybercriminals are forced to constantly develop new techniques to evade detection. One of these advanced techniques involves “fileless" exploits, where no executable file is written to disk. These attacks are particularly effective at evading traditional antivirus (AV) solutions, which look for files saved to disk so they can scan them and determine if they are malicious. This report discusses these issues.

This report summarizes the goals and activities of the initiative, the history and status of the initiative and key cyber value-at-risk concept foundations.

This annual report takes a look at the bug bounty industry in 2018.

Learn why the construction and engineering sectors are high profile targets for state-sponsored threat actors engaged in cyber espionage.

This paper investigates many observable characteristics of web-servers that may affect the likelihood of compromise.