The reality of modern information security in enterprises around the world.
Understanding the common keywords used in the infosec industry, the ones that come up alongside that complicated OWASP Top 10 WAST.
Identification / Authentication
You arrive at the construction site and introduce yourself to the watchman by name, then walk in. This is identification. Before you are allowed inside, you have to show the watchman your identity card. This is authentication.
2-step verification / 2-factor authentication
You show the watchman your identity card, and in addition he asks for your registered cell phone number, checks it in the system, and sends an OTP to that number. This is 2-step verification.
MFA / Multi-factor authentication
The watchman requires not only an identity card and a valid cell phone number but also a separate government-issued identity card. Using more than two independent methods of verifying identity is called multi-factor authentication.
Authorization Token / Cookie / Session token
You go to a music concert and show your purchased ticket at the entrance for verification. Once the ticket is verified, the host ties a wristband on your hand, and from then on you show the wristband instead of the ticket. This is an authorization token / cookie / session token.
Impersonation / Session Impersonation
A person forges someone else's access card to enter the site, and the watchman lets them in because they appear to be that other person. This is impersonation.
Similarly, in an organization the employer gives employees, stakeholders and guests an access card that opens the respective areas and cabins. These access cards can be cloned. This is called session impersonation.
Session hijacking / Session fixation
A hacker snatched someone else's badge and used it everywhere. This is session hijacking.
He also left a badge carrying his own identifier with the watchman and waited until the watchman handed it to you, so that you walked around wearing an identifier he already knew. This is session fixation.
Privacy & Anonymity
You walked across the freshly poured floor without leaving a trace, and no one but you knows it happened at all. This is privacy.
You walked across the freshly poured floor and left footprints, but no one knows which hacker did it. This is anonymity.
Logging (Apache Web Server Logs) & Flashback logging
The watchman wrote down the date and time of your arrival and departure in the journal. This is logging.
The watchman follows on your heels and records everything you do. This is flashback logging.
Threat
You are at a construction site, and there is a chance of a brick falling on your head. This is a threat.
SIEM / Correlation of events / SOC Monitoring tool
The watchman noted in the journal that a couple of days ago a worker with the same surname as yours was hired at the construction site, and linked that entry to yours. This is correlation of events.
When the correlated events match, the watchman presses a button: the siren sounds, the red lights flash, and the entire staff drops the bricks and runs down to the basement. This is a SIEM. The site manager eventually told the watchman which events to take note of and to alert him if they are seen again. This is an update to the SIEM event correlation rules.
Splunk is a tool used for real-time monitoring of such correlated events. This is a SOC monitoring tool.
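As an added example (not from the original post, and not any product's own rule), here is the kind of correlation rule a SIEM runs over Apache web server logs: several failed logins from one source address within a short window, followed by a success, is the pattern that makes the watchman press the button. The log lines are constructed sample data, and the threshold and window values are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:03 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:55:04 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:05 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:06 +0000] "POST /login HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:56:00 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:58:00 +0000] "POST /login HTTP/1.1" 401 512 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Oct/2023:13:58:01 +0000] "POST /login HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# Fields of the combined format we need: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+'
)

def parse_line(line):
    """Turn one log line into an event dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m.group("ip"), "ts": ts, "path": m.group("path"),
            "status": int(m.group("status"))}

def correlate(lines, threshold=3, window_s=60):
    """Rule (assumed values): at least `threshold` 401s on /login from one IP within
    `window_s` seconds, then a 200 from the same IP, raises one alert."""
    recent = defaultdict(deque)   # ip -> timestamps of its recent 401s on /login
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["path"] != "/login":
            continue
        q = recent[ev["ip"]]
        while q and (ev["ts"] - q[0]).total_seconds() > window_s:
            q.popleft()               # failures older than the window no longer count
        if ev["status"] == 401:
            q.append(ev["ts"])
        elif ev["status"] == 200 and len(q) >= threshold:
            alerts.append({"ip": ev["ip"], "failures": len(q), "at": ev["ts"].isoformat()})
            q.clear()                 # the siren has sounded; start counting afresh
    return alerts
```

Run `correlate(SAMPLE_LOG.splitlines())` to see one alert for 203.0.113.7 and none for 198.51.100.4, whose two failures fall outside the window. Changing the rule's threshold or window is the "update of the correlation rules" the text describes.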
Before construction of a site begins, a 3D model is created and the timeline to build the site is calculated. All other important risk factors and benefits are discussed before construction starts, and the expected business output in terms of future sales revenue is calculated, using similar projects in the same geographic area as reference points. Finally, the business dependency is calculated in case construction is frozen by a natural calamity or any other factor, so that this construction site does not impact other ongoing projects.
Continue reading Part II.
If you're new to infosec, or have been in infosec and are planning to switch paths, this will help you understand the different keywords and job roles available in an organization. Once you know which area you liked most and wish to dig deeper into, my next blog will help you understand the different job role names that organizations use when hiring candidates. This will give you more clarity on which career path to choose.