- Written by: Meena
- Category: Cybersecurity PRISM
What is Data EGRESS?
Egress is just another word for 'exit.' It may also mean the act of going out or coming out (of something).
For example, a fire escape is defined as a “means of egress” because that’s how somebody can get out of a building if there is a fire or any other emergency.
In our context of network security, egress means the data that is going out of your network, devices or interfaces.
In a nutshell, data egress means the data is leaving your network and going to an external location.
Egress happens whenever data leaves your organization’s network:

What is WAF?
WAF stands for Web Application Firewall.
You already know that your network firewalls are there to protect your network from outside threats in particular. However, network firewalls cannot defend your web-facing applications very well.
Historically, most companies that had to comply with PCI-DSS were mandated to implement Web Application Firewalls (WAF). Typically, if you were a retailer or a financial service provider, you would already be using a WAF. In recent years this has changed, as most cybersecurity professionals are beginning to realize that they can no longer afford to skip the deployment of a WAF. They now fully realize that their unprotected web applications are attractive targets for cybercriminals who are looking for easy entry points into their networks.
Your web applications are consistently facing Cross-site Scripting (XSS), SQL injection and application-layer DoS attacks, along with the regular man-in-the-middle and cookie-hijacking types of attacks. For example, in the case of XSS, the flaws that allow these attacks to succeed, in both the application code and the devices it runs on, are actually quite widespread. Successful attacks can occur anywhere your web application uses input from a user to modify the output it generates without first validating or encoding it.
The fact is, securing application environments presents a unique and consistent challenge to your security teams.
Commercial code (of your web applications) can also be vulnerable to things like poor security hygiene, especially when a lack of resources inhibits your security team from applying patches and security fixes as soon as they’re available.
If you thought that we are dealing only with your external web-facing applications here, then you are wrong. External web applications are only half of the problem.
How safe is your VPN?
Well, the answer is...It depends!
You use a reliable VPN to be sure that you remain safe and secure while you browse the internet. When you don't want to be snooped on by government agencies or other companies, you use a VPN. When you want to access websites which have been blocked by your government, you use a VPN. When you don't want your ISP to track your online activities, you use a VPN.
A VPN is a great tool, but it comes with a caveat.
Not all VPNs are equal. For example, if you are using a free VPN, then you might be compromising your security as well as your anonymity.
What is a Man-In-The-Middle Attack?
These are very common cyber-attacks, well known as MiTM attacks. They allow cyber-attackers to eavesdrop on communication between two targets (or hosts) who are trying to communicate legitimately. They allow attackers to actually 'listen' to a conversation.
For example, Michael is communicating with Jane, but Samantha wants to stay hidden and listen to what Michael and Jane are talking about. Samantha would pretend to be Michael when she is communicating with Jane.
Read more: What is a Man-In-The-Middle Attack? How can you Prevent Man-In-The-Middle Attacks?
What is Reverse Proxy?
Reverse Proxy is a server that is positioned in front of webservers.
As a cybersecurity professional, you would typically place a reverse proxy behind the firewall in your private network, where it directs client requests to the appropriate backend server. In this position, your reverse proxy is able to intercept your users' requests and then forward them to the intended 'Origin' webserver.
When the origin server sends a reply, the reverse proxy takes that reply and sends it on to the user. In this way, a reverse proxy serves as a 'middleman' between users and the sites they are visiting.
A reverse proxy provides an additional level of abstraction and control to ensure the smooth flow of network traffic between clients and your servers. Your organization can use a reverse proxy to enact load balancing, as well as shield your users from undesirable content and outcomes. Therefore, a reverse proxy can be an integral part of your company’s security posture and makes your company’s network more stable and reliable.
Reverse Proxy Vs. Forward Proxy
What is Cloud VPN?
Cloud VPN is a technology designed to help users across your company access your company's applications, data, and files through a website or a VPN application. It is different from traditional static VPNs because it provides you with a secure connection that you can deploy rapidly and globally.
You have seen a dramatic rise in telework driven by the COVID-19 pandemic, which also demonstrated the limitations of traditional site VPNs. Many organizations discovered that their existing VPN solutions were unable to meet the needs of a mostly or wholly remote workforce. Hardware VPN appliances were overwhelmed, which led to inefficient routing of cloud-bound traffic through the headquarters network and resulted in increased network latency. Thus, Cloud VPNs have become a key requirement...it makes sense to transition your VPN solutions to the cloud as well.
These VPNs are based on a 'Site-To-Cloud' architecture and enable your users to securely access your corporate networks and resources remotely, regardless of where they are located on the globe. Cloud VPNs ensure that all of your employees, whether they are travelling, working from home, or working on the go, can securely access networks.
Cloud VPN securely connects your peer-network to your Virtual Private Cloud (VPC) network through an IPsec VPN connection. Traffic traveling between the two networks is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects your data as it travels over the internet. You can also connect two instances of Cloud VPN to each other.
Cloud VPNs can also be called VPN as a Service (VPNaaS) or hosted VPNs.
What is UEBA?
UEBA stands for User And Entity Behavior Analytics.
USER + Entity
Modern cybersecurity solutions strive hard to monitor the behavior of human users (your employees, customers, partners' employees, etc). They go even further and monitor the behavior of non-human 'ENTITIES' too, that means they are capable of monitoring 'machines' also.
For example, if one day a given branch office of your company suddenly starts receiving thousands more requests than usual, there is a very high likelihood that your IT administrator might not notice this as a potential DDoS attack. But your UEBA would surely recognize this increased number of incoming requests and take some pre-defined action.

Since the idea behind this post is to look at the evolution of the firewall from the point of view of Palo Alto, I wish to introduce you to Nir Zuk, the founder & CTO of Palo Alto, and to how he looked at the issue or need of firewalls at various points in time...
What is a Firewall?
Most networking guys know that when they create WANs, they rely on actual physical routers to connect their remote or branch-office users to applications which are hosted at corporate data centers.
You already know that each router has a data plane, which holds the information, and a control plane, which tells the data where to go.

Where this DATA will flow is typically determined by a network admin/engineer...They will write certain RULES and POLICIES for each router on the network. Since this process of defining rules and policies is performed 'manually' most of the time, it is time-consuming and error-prone.
Your WANs depend on MPLS, wireless, broadband, VPN, LTE and the Internet to get connectivity to corporate applications, services and other resources.
What is an SD-WAN?

Data is at the heart of all of IT and is the chief concern of cybersecurity…
Your company data consists of its intellectual property (IP), financial info and the personally identifiable information (PII) of your customers and employees. All data that is confidential in nature is vulnerable to attacks from cyber-attackers. There are many potential issues which may expose your important data to the outside world.
Read more: What is Enterprise DLP? What are Key Requirements of DLP?

SASE is a new, emerging concept in cybersecurity....
In August 2019, Gartner published a report, "The Future of Network Security in the Cloud". This report presented a strategic roadmap for SASE convergence, and the term SASE came into being as a new, emerging cybersecurity concept.
- Why Should I Become A Cyber Security Professional Now?
- What is a Port Scan? What are Major Port Scanning Techniques?
- What are Remote Access Protocols? What is the Difference Between IPSec and SSL VPNs?
- What are Top IoT Security Issues? How to Secure IoT Devices in Your Enterprise?
- What is QoS? How does QoS work in the Networks?
- Machine Learning - Role of Machine Learning in Cybersecurity
- What is URL Filtering? How Does URL Filtering Work?
- What are UNKNOWN Cyber-Threats? How Can They Challenge Your Cyber-Resiliency?
- What is An Exploit Kit? Why do Cyber-Criminals use Exploit Kits?
- What is DNS Tunneling? How Does DNS Tunneling Happen?