Introduction: An overview of the NICE Cybersecurity Workforce Framework In 2017, the National Institute of Standards and Technology (NIST) published Special Publication 800-181, the NICE Cybersecurity Workforce Framework (or NICE Framework); the document categorizes and describes cybersecurity work as well as the knowledge, skills and abilities (KSAs) needed by professionals to complete tasks in the [β¦]
The post How to use the NICE Cybersecurity Workforce Framework to plan career progression: A practitionersβ guide appeared first on Infosec Resources.
Introduction In cryptography, a key is a very important piece of information used to combine with an algorithm (a cipher) to transform plaintext into ciphertext (encryption). The first step of preventive security is not encryption; however, the proper management of a cryptographic key is essential. Key management includes the generating, using, storing, archiving and deleting [β¦]
The post The ultimate guide to encryption key management appeared first on Infosec Resources.
Introduction This article provides an overview of how printing functions work and how format strings are used to format the data being printed. Developers often use print functions for a variety of reasons such as displaying data to the users and printing debug messages. While these print functions appear to be innocent, they can cause [β¦]
The post Introduction to Printing and Format Strings appeared first on Infosec Resources.
Introduction In the previous articles, we discussed printing functions, format strings and format string vulnerabilities. This article provides an overview of how Format String vulnerabilities can be exploited. In this article, we will begin by solving a simple challenge to leak a secret from memory. In the next article, we will discuss another example, where [β¦]
The post How to exploit Format String Vulnerabilities appeared first on Infosec Resources.
Introduction: This article provides an overview of various techniques that can be used to mitigate Format String vulnerabilities. In addition to the mitigations that are offered by the compilers & operating systems, we will also discuss preventive measures that can be used while writing programs in languages susceptible to Format String vulnerabilities.Β Techniques to prevent [β¦]
The post How to mitigate Format String Vulnerabilities appeared first on Infosec Resources.
How public-key cryptography works Public-key or asymmetric cryptography is one of the two main types of encryption algorithms. Its names come from the fact that it uses two different encryption keys: a public one and a private one. Public and private keys The private key used in public-key cryptography is a random number with certain [β¦]
The post Public-Key Cryptography in Blockchain appeared first on Infosec Resources.