Talking about the cyber threat, whether in companies or with individuals, is too often a challenge because of its intangible nature, which makes it difficult to perceive for a neophyte. Cyberattacks such as ransomware or other phishing are real for everyone, but the ways to protect yourself from them often remain obscure. A pragmatic approach […]
The introduction to DevSecOps that I had written in my previous article, had highlighted the need for collaboration between the developers and the solution ops so that the security requirements are followed in a sustainable way. Indeed, the DevOps logic has shortened the delivery cycles in order to avoid the tunnel effect, a period during […]
Cybersecurity within the business world has continued to become more complex with the advent of telework. One of the factors that has facilitated remote work is the move-to-cloud, i.e. the migration (partial or total) of the information system hosted on physical servers administered within the company to dematerialized servers whose outsourcing is done remotely most […]
A recurring trend in IT security is the overused use of fashionable terms, which do not cover the same reality for the customer or his service provider. SecOps (Security Operations) is the perfect example here. In order to clarify the debates in the professional world, I therefore wanted to use my pentest laboratory prototype to […]
Long confined behind perimeter security, applications within an information system were protected with network equipment filtering the inputs and outputs of a homogeneous technical environment. However, this stronghold logic had a structural weakness. If the attacker managed to break into the secure perimeter, the compromise of the systems was greatly facilitated. In the early 2000s, […]
Unlike the reflections on cybersecurity decorrelated from the field that your author courageously writes in full view of all, putting it into practice is always trickier. In a field where many people pride themselves on their expertise, the demonstration of skills regularly borders on illegality. Certainly there are cybersecurity learning and challenge platforms such as […]
Seeing James Bond – Skyfall again allowed me to savor a film, which skilfully mocks Holywoodian clichés. One scene in particular is rich in teaching: Daniel Craig – archetype of the alpha male – is tied up by a Javier Bardem openly playing on his sexual ambiguity. Mentioning homosexuality in a blockbuster destined for the […]
Hardly a day goes by without another cyberattack hitting the headlines with alarming messages and sensational numbers. Far from an ethical vision to democratize information, cybercriminals target both individuals and large multinationals. In France, February 2021 was marked by two attacks on hospitals via Ramsomware. In this context of a global pandemic, the immorality of […]
In the first part, I mentioned the impact that electronic mass surveillance could have on individuals. Even if little is known about it, solutions exist to reduce personal exposure to services that profile our uses. The first two pillars on which I have based my data anonymization are the following: Avoiding the use of platforms […]
If electronic surveillance seems to become the norm in our modern societies, it is above all because information is an individual’s primary wealth. Its administrative data allows to define his identity, his patrimony and his professional activity. The data from his social networks or email messaging allow to know more about his tastes, his aspirations […]