Questions tagged [defense]
Defense is the use of security countermeasures to protect the integrity of the information assets in an IT system and/or infrastructure.
254 questions
0 votes, 0 answers, 100 views
How to properly protect company laptop on a business trip to China [duplicate]
This question (How safe are employee laptops in China against International corporate espionage?) got me thinking - what is the proper way to go on a business trip to China and protect your laptop. ...
1 vote, 1 answer, 126 views
Sharing the key to a password vault securely
We have an application that holds a bunch of passwords in an encrypted vault for various purposes. What is the best practice for storing the key for that vault? There feels like there's a ...
0 votes, 1 answer, 116 views
Does self-signed encryption certificate violate "no multi-use keys" principle?
Say that I have generated an RSA keypair, which I intend to publish only for use with RSA-KEM; I can see that this is provisioned for:
The intended application for the key MAY be indicated in the key ...
1 vote, 1 answer, 924 views
What are the best practices to safely store OAuth2 tokens in a database?
I'm building a website with Patreon integration and I have identified the need to store Patreon user's OAuth2 token in the database. I'm wondering what's the best way to do that, security-wise. Some ...
0 votes, 1 answer, 108 views
OS/DB Hardening Checklist Drafting Process
We are looking into reviewing our organization's OS/DB hardening checklist (done by predecessor). We're aware that there are various benchmarks out there like CIS & STIG to guide on that, and the ...
0 votes, 3 answers, 152 views
Security in depth vs security theatre
If some security measure serves only to add an extremely small barrier to an attack, are there generally accepted principles for deciding whether that measure should be retained?
Does defence in depth ...
0 votes, 2 answers, 206 views
How do you detect attacks on Intel ME firmware and the AMD equivalent?
Since there are quite a few exploits of Intel ME firmware in the CPU (same applies to AMD), I would like to know what SIEM solutions are there for detecting these kinds of attacks.
To be more exact, I ...
1 vote, 1 answer, 572 views
Is it still recommended to block Living Off The Land Binaries (LOLBins) in Firewall?
https://lolbas-project.github.io/
Realistically, do we still need to block cmd.exe or certutil.exe in Windows firewall, on latest version of Windows? Lolbins are for Linux too but my question is only ...
1 vote, 1 answer, 111 views
Reuse credentials if same data in same security environment
We're managing a shared hosting environment of WordPress websites on a web server.
Each site has its own database password and FTP password, both are randomly generated and stored in AWS ...
15 votes, 6 answers, 5k views
Is it acceptable to exclude folders in antivirus?
A technical problem has arisen, and the vendor's first suggested solution is to exclude the program's folders from our antivirus. There are multiple reasons I am hesitant to do so:
Primarily: If a ...
2 votes, 0 answers, 78 views
Normative reference for a web application disclosing existing values of integration secrets to users
In a web-based SaaS product, one of the configuration pages allows users to set credentials for system-wide integrations with other products. These include usernames, passwords, and API secrets.
The ...
0 votes, 2 answers, 183 views
Is not Electrum's Seed Word Autocomplete a Theoretical Security Risk?
As the image below shows, when you try to restore an existing wallet from a seed (a sequence of 12 words), the program offers some autocomplete suggestions. Though I'm sure the risk is purely ...
0 votes, 0 answers, 110 views
Are there any security architecture patterns in the same way there are software design patterns (GOF)?
So I've been googling around and couldn't find an answer to my question (I don't discount the option that I could be asking the wrong question after all).
I see there is a question that deals with ...
1 vote, 1 answer, 182 views
Is "time locking" a good strategy for protecting data with HSMs?
I've read several times that many HSMs support configurable rate limiting on cryptographic operations, as a way of protecting against a hacker that compromises a server that has access to the HSM. So ...
2 votes, 1 answer, 245 views
How to prevent small mistakes that have massive impact?
I frequently have very personal files temporarily on my virtual desktop.
I sometimes download a new program, which is going into a VM. Before sending it in there, I tend to VirusTotal scan it.
I load ...