Recent Posts

Top 9 Ways To Improve Mac OS X Security

It goes without saying that you should always be on top of required updates—we're a couple months into 2016 and Apple has already issued major security updates for OS X and iOS. In some cases, however, users may be partial or restricted to their particular flavor of Apple's flagship OS. Whether you're running Snow Leopard, Yosemite, or El Capitan, the following are 10 tips for fine tuning your OS X instance for a better security posture.

Filed under: security, cyber security

COBIT vs ITIL vs TOGAF: Which Is Better For Cybersecurity?

Adding a little bit of structure into one's affairs never hurts, especially when it comes to IT business processes and assets. To this end, various frameworks offer blueprints for achieving key organizational objectives like compliance and security. Three of the more popular frameworks (COBIT, ITIL, and TOGAF) are widely used by enterprises in this regard—let's see how they compare when it comes to bolstering cybersecurity and digital resilience.

Filed under: ITIL, cyber security, digital resilience, cobit, process

Top 10 Windows 7 Vulnerabilities And Remediation Tips

Upon its release, Windows 7 was hailed as "the most secure Windows ever"—true enough at the time, but its predecessor Windows Vista didn't exactly set a high bar security-wise.  Nonetheless, the updated OS shipped with literally hundreds of security changes and additions, addressing the needs of a more security-conscious home and business user base with features like AppLocker, BitLocker Drive Encryption technology, and more. Despite these improvements, Windows 7 has its own set of critical vulnerabilities—here are the top 11 on the list and how to fix them.

Filed under: security, Windows, vulnerabilities

Top 20 Critical Windows Server 2008 Vulnerabilities And Remediation Tips

Though Windows Server 2008, with features like hard drive encryption, ISV security programmability, and an improved firewall, is a significant leap forward in terms of security when compared to its predecessor Windows Server 2003, it is certainly not without its own security flaws. The following are the top 20 critical Windows Server 2008 vulnerabilities and tips on how to remediate them.

15 Ways To Secure Apache Tomcat 8

Apache Tomcat is the leading Java application server by market share and the world's most widely used web application server overall. Currently at version 8, the popular web server has not been without its security flaws, perhaps most famously publicized in this incident of aircraft hacking by security researcher Chris Roberts earlier this year. However, hardening Tomcat's default configuration is just plain good security sense, even if you don't plan on using it on your plane's network. The following are 15 ways to secure Apache Tomcat 8, out-of-the-box.

10 Tips For Securing Your Nginx Deployment

According to Web3Techs, Nginx is the second most popular web server platform behind Apache, which is quite a feat considering the latter’s longstanding footprint in this arena. That said, more high performance websites are using Nginx over Apache for content and application delivery services, and its adoption rate has been steadily increasing over the years for good reason: it’s fast (blazingly so), lightweight, and available on all major OS platforms. The following are 10 important tips for hardening your Nginx deployment against the threat of cyber attacks.

Top 11 Ways To Improve MySQL Security

In the pantheon of open source heavyweights, few technologies are as ubiquitous as the MySQL RDBMS. Integral to popular software packages like WordPress and server stacks like LAMP, MySQL serves as the foundational data platform for a vast majority of websites and cloud services on the internet today. Unfortunately, its popularity translates to more commonly known attack vectors and security exploits—the following are 11 ways to shore up MySQL security and protect your data more effectively.

Cloud Security Showdown: Tanium vs. CloudPassage

Traditional IT security mechanisms are simply ineffective at protecting today's enterprise cloud and hybrid infrastructures against cyber attackers. For this reason, numerous upstarts have risen to the challenge with innovative approaches to implementing security in the data center and beyond. Two leaders in this category—Tanium and CloudPassage—utilize peer-to-peer and botnet-based technologies for quicker breach detection and remediation. Let's see how the two stack up in this comparison.

Illumio ASP vs AlienVault USM For Continuous Security Monitoring

It's been said many times before, but is always worth repeating: enterprises need a layered approach to security for combating today's cyber threats. Illumio ASP and AlienVault USM provide just that: working in conjunction with traditional security solutions like firewalls and IDS/IDPS solutions (or in USM's case, providing its own), the two platforms further smooth the attack surface area with features such as policy-based controls, security analytics, and crowd-sourced threat intelligence, among others. Let's see how they stack up in this comparison.

Filed under: security, monitoring, Illumio, AlienVault

Kali Linux vs Backbox: Pen Testing and Ethical Hacking Linux Distros

Hackers as portrayed on the big screen are usually sitting hooded in front of a monitor with sleek, shiny black hat tools laid out on the screen. Though in reality such tools in past years were mostly CLI-based, a new generation of penetration testing (pen testing) and ethical hacking tools feature both slick UIs and powerful functionality for testing cyber security controls and posture. In this comparison, we'll look at two of the best: the Kali Linux and BackBox Linux pen testing and ethical hacking distros.

11 Ways To Harden MS SQL Server 2008

As Redmond's flagship RDBMS solution, SQL Server provides the underlying data platform for a broad range of Microsoft enterprise solutions from Sharepoint to BizTalk Server. This, of course, makes bolstering SQL Server security a critical necessity for protecting MS-centric infrastructures against attackers. To this end, the following are 11 ways to harden MS SQL Server 2008 security.

Top 10 OS X El Capitan Security Flaws and Remediation Tips

The twelfth major release of Apple's flagship desktop and server operating system dropped on September 30th, 2015, bringing with it a host of new and improved features like Split View, a smarter Spotlight, Metal for Core Graphics, and under-the-hood performance improvements, among others. Alas, benefits do not come without a price—in this case, a myriad of security issues and exploitable vulnerabilities. The following are the top 10 of the lot followed by remediation tips.

10 Ways To Bolster PostgreSQL Security

PostgreSQL may be the world’s most advanced open source database, but its 82 documented security vulnerabilities per the CVE database also make it highly exploitable. Granted, the popular object-relational database is considered superior to others when it comes to out-of-the-box security, but proper measures are still required to protect web applications and underlying data. The following are 10 common ways to secure your PostgreSQL implementation from cyber attackers.

Filed under: security, database, PostgreSQL

Wireshark vs Netcat for Network Protocol Analysis

Network Protocol Analyzers (a.k.a. traffic packet analyzers or sniffers) are essential instruments in the network and/or security professional’s toolbox. The ability to examine traffic in motion across a network is critical for optimizing network topologies, troubleshooting malfunctioning or poorly-performing applications, and perhaps most importantly—identifying and mitigating cyber attacks. In this comparison, we’ll look at two leading network protocol analysis tools—Wireshark and Netcat—to see how they stack up against each other.

10 Important Solaris 10 CIS Security Benchmarks

Solaris 10 is the most widely deployed Unix operating system on the market, despite flip-flopping between open- and closed-source status multiple times between versions. Notwithstanding, users are well-advised to stay proactive in bolstering the security of deployments. The Center for Internet Security (CIS) provides guidelines for a wide range of enterprise software that can be helpful in this regard—the following are 10 of its security benchmarks for Solaris 10.

Filed under: security, CIS, solaris

Top 11 OS X Vulnerabilities And How to Fix Them

OS X may be considered Apple's desktop OS magnum opus, but it certainly hasn't been without its share of vulnerabilities (1,250 to date per the CVE database). The following are the top 11 OS X vulnerabilities and exploitation prevention tips.


Top 10 Red Hat Enterprise Linux 5 Security Checks

Despite crossing over the half-decade mark since its release, Red Hat Enterprise Linux (RHEL) 5 is still in widespread use—and will continue to be supported by Red Hat through November 30th 2020. Security enhancements in later versions of RHEL like improved Security Enhanced Linux (SELinux) and virtual machine security (i.e., Svirt) warrant a timely upgrade, but organizations unable to do so can still bolster RHEL 5 for a strong security posture.

Foreman vs Ansible Tower

When it comes to software, certain key attributes serve as a litmus test for enterprise-readiness: quality and breadth of support, reporting and policy management capabilities, and scalability are common, among others. Three characteristics in particular are also increasingly important to enterprise automation solutions: the graphical user interface (GUI), integration capabilities, and security.

Hosted Chef vs Puppet Enterprise

As the two leading IT automation platforms by market share, Chef and Puppet have been compared against each other extensively—for UpGuard’s recent take, please see Puppet vs. Chef Revisited. In this comparison, we’ll instead approach matters a little differently by comparing and contrasting Hosted Chef—the SaaS version of the product—with the full-fledged, flagship Puppet Enterprise offering.

Filed under: chef, puppet, hostedchef

Foreman vs Puppet

A long time ago in a datacenter far, far away, developers and operators were writing specialized scripts by hand to manage IT resources. Configuration management (CM) and automation tools integrated these processes into streamlined solutions for delivering repeatable, rapidly deployable IT environments. Well, times they are a changin’ again, and automation tools have evolved—this time into comprehensive IT lifecycle management platforms for automating resource deployment from bare-metal to the application stack.